Principal OT Cybersecurity Engineer

Heredia, H, CR

Boston Scientific

Boston Scientific is dedicated to transforming lives through innovative medical solutions that improve the health of patients around the world.


 Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

 

At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. Boston Scientific is proud to be an equal opportunity and affirmative action employer and has been recognized with the Catalyst Award in 2022, a prestigious recognition of diversity, equity, and inclusion excellence. Also, we have a Gender Equality Policy to support our commitment.

 

Hybrid Roles:

Boston Scientific's hybrid workplace includes WFH and onsite. You will have the opportunity to discuss details in the interview. 

About the role:

Boston Scientific is seeking a highly skilled Principal OT Cybersecurity Engineer with over 8 years of experience to lead our operational technology cybersecurity strategy. The ideal candidate will have a strong background in OT cybersecurity, with a proven ability to develop and implement strategic initiatives across globally diverse sites to enhance cybersecurity posture and protect critical industrial systems.

The ideal candidate will be responsible for developing, implementing, and maintaining cybersecurity standards, policies, and procedures specific to operational technology environments. This role will focus on safeguarding critical infrastructure and industrial control systems from cyber threats, ensuring compliance with relevant regulations and industry best practices.

Your responsibilities include: 

  • Operate as the cybersecurity subject matter expert for projects identifying security requirements, assessing risks, and recommending controls.
  • Establish governance frameworks and policies to enforce cybersecurity standards and practices specifically tailored for operational technology (OT) environments.
  • Ensure alignment with industry standards, regulatory requirements, and best practices, such as NIST Cybersecurity Framework, ISA/IEC 62443, and sector-specific regulations.
  • Perform regular risk assessments and vulnerability assessments of OT systems, including industrial control systems (ICS), SCADA systems, and embedded devices.
  • Identify and prioritize cybersecurity risks and vulnerabilities based on potential impact on critical operations and assets.
  • Design, deploy, and maintain technical security controls and countermeasures to protect OT environments from cyber threats.
  • Support internal and external audits, assessments, and compliance reviews related to OT cybersecurity controls and practices.
  • Develop and deliver cybersecurity training and awareness programs tailored for OT personnel, including operators, engineers, and maintenance staff.
  • Provide technical expertise and guidance to OT teams on cybersecurity-related matters, including secure architecture design, secure configuration management, and secure coding practices.
  • Collaborate with cross-functional teams, including IT security, engineering, and operations, to integrate cybersecurity requirements into OT projects and initiatives.
  • Evaluate and recommend new cybersecurity tools, techniques, and methodologies to enhance the security posture of OT systems and infrastructure.
  • Maintain accurate documentation of cybersecurity policies, procedures, incidents, and remediation activities related to OT cybersecurity.
  • Prepare regular reports and metrics to communicate the effectiveness of OT cybersecurity controls and initiatives to senior management and stakeholders.
  • Communicate complex technical concepts and cybersecurity risks to non-technical stakeholders in a clear and understandable manner.

What we are looking for: 

  • Bachelor’s degree in Computer Science, Information Security, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, GICSP) preferred.
  • Minimum of 8 years of experience in cybersecurity, with a focus on operational technology environments.
  • Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing the area of expertise from qualified and reputable vendors and certification agencies.
  • Experience interpreting security control and program frameworks, such as NIST 800-53, NIST 800-82, CIS Critical Security Controls, and IEC 62443, into cybersecurity programs, policies, and procedures.
  • In-depth knowledge of industrial control systems (ICS) and SCADA systems, such as PCS, SCADA, PLCs, RTUs, HMIs, and other OT technologies.
  • Hands-on experience with one or more of the following security tools: Dragos, ORDR, Armis, and Claroty.
  • Experience developing and implementing cybersecurity policies and procedures.
  • Proficiency in conducting risk assessments and vulnerability assessments of OT systems.
  • Knowledge of the Purdue Model for OT/ICS cybersecurity.
  • Excellent communication skills, with the ability to effectively collaborate with cross-functional teams and communicate complex technical concepts to non-technical stakeholders.

Requisition ID: 579942

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

 

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!

 

 

Benefits • Life-Work Integration • Community • Career Growth

At Boston Scientific, you will find a collaborative culture driven by a passion for innovation that keeps us connected on the most essential level. With determination, imagination, and a deep caring for human life, we’re solving some of the most important healthcare industry challenges. Together, we’re one global team committed to making a difference in people’s lives around the world. This is a place where you can find a career with meaningful purpose—improving lives through your life’s work.


Tags: Audits CISM CISSP Compliance Computer Science GIAC GICSP Governance GPEN GSLC ICS IEC 62443 Industrial NIST NIST 800-53 OSCP Risk assessment SCADA Strategy Vulnerabilities

Perks/benefits: Career development Equity Health care

Region: North America
Country: Costa Rica