Innolitics LLC is a remote-first company specializing in medical device software development and FDA regulatory consulting. Since 2012, we’ve partnered with medical device companies to bring innovative technologies to market. Our team of engineers, consultants, and domain experts works at the intersection of software engineering and regulatory compliance to deliver high-quality solutions.
We are a growing, collaborative team that values clear thinking, attention to detail, and continuous improvement.
If you’re excited by the intersection of technology, medicine, and regulation—and enjoy organizing and clarifying complex information—you’ll feel at home here.
We’re hiring a Senior Cybersecurity Engineer to help our medical device clients secure their products. This is a client-facing role that combines cybersecurity expertise, technical writing, architectural design, and requirements elicitation. You’ll work closely with both clients and our internal team to support the cybersecurity activities involved in a FDA submission of Software as a Medical Device (SaMD).
This is a fully remote position with travel 2-3 times a year to clients and our annual company retreat.
Meet with our clients (often startups) who are developing new medical device software so you can understand what their software does, what cybersecurity gaps exist, and suggest how they can fill them.
Use Notion (our primary tool for project management and documentation) to stay organized and aligned with the team.
Help clients set up tooling to generate SBOMs, run SAST, run vulnerability scanners, etc.
Guide offline and live threat modeling sessions with client engineering teams.
Collaborate with engineers, clinicians, and regulatory consultants to identify appropriate cybersecurity controls for a variety of systems, including web-applications, mobile apps, desktop apps, custom hardware, and more.
Draft cybersecurity documentation for our clients (including the cybersecurity parts of user manuals).
We don’t expect you to have any familiarity with FDA regulations. You’ll learn all about these on the job with our thorough training program. Instead, we’re looking for someone that meets these criteria:
Can demonstrate a history of success working independently in a client-facing role
2+ years in product cybersecurity, or 5+ years of software engineering experience and strong interest in cybersecurity
An understanding of cybersecurity fundamentals, including cryptography, common attack vectors, and secure product development processes.
Excellent attention to detail and strong organizational skills.
Clear, concise writing skills.
Comfort drafting agendas for and running client meetings.
Independent, self-driven problem solver with a focus on providing value to clients.
A degree in software engineering, computer science, or an engineering field.
We are hiring as soon as we find the right person—so don’t hesitate to apply! If selected to move forward, you’ll hear from our team within 2–4 business days.
After we review your resume and cover letter, we may email you a few questions. After that, the next step is a one-hour technical interview with an engineer on our team.
If that goes well, the next step will be a take-home threat modeling exercise. We’ll pay $300 to compensate for the time spent on this exercise.
During the final interview, with David (a Partner and Co-Founder) and Reece (our Director of Engineering), you’ll begin by running a mock client-meeting (we’re acting like the client). During the second half of the final interview, we’ll ask technical questions.
