CONMED
Lead IT Security Engineer
Vaga remota de Cybersecurity Leadership com fit claro de localização do candidato.
Publicada10 de jul. de 2026
Países elegíveis41 países aceitos
Sinal de senioridadeSenior
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Resumo da vaga
Lead IT Security Engineer
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
Security Operations & Incident Response
- Lead detection and response for incidents affecting: manufacturing systems (OT/ICS), connected medical/surgical devices, and enterprise IT environments
- Manage SOC operations with prioritization of IT security, production integrity, and supply chain impact
- Investigate and respond to incidents involving intellectual property theft, disruptions and/or ransomware affecting production lines, and IT vulnerabilities
- Lead regulatory-aligned incident handling and disclosure (local/global authorities)
Security Operations & Incident Response
- Partner with IT, production, and engineering to embed secure-by-design principles across the IT & product lifecycle
- Conduct threat modeling and security risk assessments for surgical and medical devices
- Support compliance with IT security guidance, SOX, ISO27001 & EU GDPR / NIS2
- Identify and remediate product vulnerabilities (secure firmware, APIs, connectivity)
- Support coordinated vulnerability disclosure (CVD) processes
Security Operations & Incident Response
- Secure manufacturing environments (plants, production lines, robotics, control systems)
- Implement segmentation between IT and OT networks
- Lead vulnerability and patch management for industrial control systems
- Reduce risk to production continuity and product integrity
Threat & Vulnerability Management
- Monitor threat landscape with emphasis on nation-state attacks targeting IP, supply chain compromise, medical device exploitation
- Lead proactive threat hunting across cloud environments, OT/manufacturing systems, & product telemetry (if applicable)
- Drive enterprise-wide vulnerability management with prioritization based on patient and product impact
Security Engineering & Architecture
- Implement Zero Trust principles across corporate IT and manufacturing environments
- Drive consolidation and optimization of SIEM/XDR (Sentinel, Defender, etc.), identity platforms (Entra ID, PAM), data protection tools (DLP, encryption for IP and regulated data)
- Secure cloud platforms supporting R&D, analytics, and digital health capabilities
Regulatory Compliance & Risk Management
- Ensure alignment with SOX, ISO 27001, NIST CSF / NIST 800-53 & Global data protection regulations (GDPR where applicable)
- Lead cyber risk assessments tied to patient safety, product risk, and regulatory exposure
- Support internal and external audits and regulatory inspections
- Translate cybersecurity risk into business impact (recalls, production disruption, liability)
Regulatory Compliance & Risk Management
- Protect sensitive data, designs, and trade secrets
- Implement controls for secure collaboration with third-party manufacturers and partners and data encryption and access governance
- Monitor for data exfiltration and insider threats
Leadership & Mentorship
- Provide technical leadership across security operations and engineering functions
- Mentor analysts and engineers on IT/OT security, production security, and incident response in regulated environments
- Act as escalation point for high-impact security events affecting products or manufacturing
Stakeholder Collaboration
- Partner with CIO, CISO, and Chief Product/Engineering Officers, Quality & Regulatory Affairs, Manufacturing / Plant leadership & Legal and Compliance teams
- Communicate cybersecurity risks in terms of IT security & safety, regulatory impact and revenue / production risk
Job Requirements
- Bachelor’s degree in Cybersecurity, Engineering, IT, or related field (or equivalent experience)
- 5+ years of experience in cybersecurity, with exposure to regulated industries or manufacturing environments, with hands-on experience with SIEM/XDR platforms, endpoint, network, and cloud security and/or vulnerability and incident response programs
Preferred Experience:
- Strong knowledge of Security frameworks (NIST, ISO 27001), Identity and access management& network segmentation and Zero Trust principles
- Experience in medical device, healthcare technology, or manufacturing (OT/ICS)
- Familiarity with ISO27001, NIS2, SOX, NIST CF 800-53, & EU GDPR
- Preferred Certifications: CISSP, CEH, GIAC & GICSP (Industrial Control Systems) or HCISPP (strong plus)
- Experience with IT/Production security testing, Threat modeling (e.g., STRIDE), Secure SDLC practices
Preferred Experience:
- Competitive compensation
- Excellent healthcare including medical, dental, vision and prescription coverage
- Short & long term disability plus life insurance -- cost paid fully by CONMED
- Retirement Savings Plan (401K) -- CONMED matches your contributions dollar for dollar, with the potential for up to 7% per pay period
- Employee Stock Purchase Plan -- allows stock purchases at discounted price
- Tuition assistance for undergraduate and graduate level courses
Vagas similares
Mantenha uma lista reserva.
Content Classification, English 9 países aceitos
Taxonomy Analyst (German Speaker)IndeedVer vaga Content Classification, English 9 países aceitos
Taxonomy Analyst (Spanish Speaker)IndeedVer vaga Content Classification, English 9 países aceitos
Taxonomy Analyst (Dutch Speaker)IndeedVer vaga Content Classification, English 9 países aceitos
Taxonomy Analyst (French Speaker)IndeedVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Ver todos os 41 países aceitos
AlbâniaArmêniaÁustriaBielorrússiaBélgicaBulgáriaCroáciaChipreTchéquiaDinamarcaEstôniaFinlândiaFrançaAlemanhaGréciaHungriaIslândiaIrlandaItáliaLetôniaLituâniaLuxemburgoMaltaMoldáviaMontenegroPaíses BaixosMacedônia do NorteNoruegaPolôniaPortugalRomêniaSérviaEslováquiaEslovêniaEspanhaSuéciaSuíçaTurquiaUcrâniaReino UnidoEstados Unidos
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.