Senior Cybersecurity Engineer

This position has been filled!

Stay in touch! We announce new positions on Twitter at @innoliticsdev along with articles, tips, and lessons for software-developers.

Thank you for your interest in Innolitics!

Senior Cybersecurity Engineer 🔗

Location: Remote (Continental U.S. only)

Job Type: Full-time

About Us 🔗

Innolitics LLC is a remote-first company specializing in medical device software development and FDA regulatory consulting. Since 2012, we’ve partnered with medical device companies to bring innovative technologies to market. Our team of engineers, consultants, and domain experts works at the intersection of software engineering and regulatory compliance to deliver high-quality solutions.

We are a growing, collaborative team that values clear thinking, attention to detail, and continuous improvement.

If you’re excited by the intersection of technology, medicine, and regulation—and enjoy organizing and clarifying complex information—you’ll feel at home here.

About the Role 🔗

We’re hiring a Senior Cybersecurity Engineer to help our medical device clients secure their products. This is a client-facing role that combines cybersecurity expertise, technical writing, architectural design, and requirements elicitation. You’ll work closely with both clients and our internal team to support the cybersecurity activities involved in a FDA submission of Software as a Medical Device (SaMD).

This is a fully remote position with travel 2-3 times a year to clients and our annual company retreat.

What You’ll Do 🔗

  • Meet with our clients (often startups) who are developing new medical device software so you can understand what their software does, what cybersecurity gaps exist, and suggest how they can fill them.
  • Use Notion (our primary tool for project management and documentation) to stay organized and aligned with the team.
  • Evaluate, edit, and write FDA cybersecurity documentation.
  • Create security architecture diagrams.
  • Help clients set up tooling to generate SBOMs, run SAST, run vulnerability scanners, etc.
  • Guide offline and live threat modeling sessions with client engineering teams.
  • Collaborate with engineers, clinicians, and regulatory consultants to identify appropriate cybersecurity controls for a variety of systems, including web-applications, mobile apps, desktop apps, custom hardware, and more.
  • Draft cybersecurity documentation for our clients (including the cybersecurity parts of user manuals).
  • Learn and apply FDA guidance documents and relevant standards. In particular, the 2025 Cybersecurity Guidance and the 2016 Postmarket Cybersecurity Guidance.
  • See our article “Medical Device Cybersecurity: Best Practices, FAQs, and Examples" for some flavor of how you’d be helping our clients.

What We’re Looking For 🔗

We don’t expect you to have any familiarity with FDA regulations. You’ll learn all about these on the job with our thorough training program. Instead, we’re looking for someone that meets these criteria:

  • Can demonstrate a history of success working independently in a client-facing role
  • 2+ years in product cybersecurity, or 5+ years of software engineering experience and strong interest in cybersecurity
  • An understanding of cybersecurity fundamentals, including cryptography, common attack vectors, and secure product development processes.
  • Excellent attention to detail and strong organizational skills.
  • Clear, concise writing skills.
  • Comfort drafting agendas for and running client meetings.
  • Independent, self-driven problem solver with a focus on providing value to clients.
  • A degree in software engineering, computer science, or an engineering field.

What We Offer 🔗

  • Competitive base salary $130,000 - $170,000 depending on experience
  • 10% performance-based bonus
  • Fully remote work with flexible hours
  • Comprehensive PTO package
  • Partial healthcare reimbursement and automatic 3% contribution to a 401(k) retirement plan
  • Weekly 10x Time
  • Annual company retreat for team building and collaboration
  • Mentorship from experienced regulatory and software professionals
  • Strong career growth opportunities
  • Industry networking opportunities via participation in organizations such as Health-ISAC

How to Apply 🔗

Fill out your information using the form on the link below.

Please, provide a cover letter (4–5 short paragraphs) explaining why this role interests you and why you’re a good fit.

What Happens After you Apply? 🔗

We are hiring as soon as we find the right person—so don’t hesitate to apply! If selected to move forward, you’ll hear from our team within 2–4 business days.

After we review your resume and cover letter, we may email you a few questions. After that, the next step is a one-hour technical interview with an engineer on our team.

If that goes well, the next step will be a take-home threat modeling exercise. We’ll pay $300 to compensate for the time spent on this exercise.

During the final interview, with David (a Partner and Co-Founder) and Reece (our Director of Engineering), you’ll begin by running a mock client-meeting (we’re acting like the client). During the second half of the final interview, we’ll ask technical questions.