iRhythm Technologies is seeking a Senior Director, Product Security to define and lead the security strategy for our medical device portfolio. You will ensure robust protection of patient data, device integrity, and compliance with complex regulations.
What You'll Do
- Develop and execute a comprehensive product security strategy aligned with business and regulatory objectives.
- Lead the Product Security function, building and mentoring a high-performing team of security professionals.
- Establish and refine security governance frameworks, policies, and best practices for medical device development and deployment.
- Partner with senior executives to prioritize security investments, allocate resources, and balance risk mitigation with innovation.
- Oversee end-to-end product security management, including risk assessments, threat modeling, vulnerability management, and incident response.
- Ensure compliance with FDA, HIPAA, GDPR, and international cybersecurity regulations and standards (e.g., NIST, EU MDR, IEC 62304).
- Guide secure design reviews, SBOM management, and security documentation for pre- and post-market activities.
- Champion secure coding practices and collaborate with development teams to integrate security into SDLC and PDLC.
- Drive alignment across engineering, regulatory, privacy, and quality teams to deliver secure products from concept through commercialization.
- Act as the primary interface for product security with executive leadership, external partners, and regulatory agencies.
- Synthesize complex technical and regulatory information into clear communications for senior stakeholders.
- Recruit, mentor, and develop a team of product security experts, fostering a culture of accountability, collaboration, and professional growth.
- Provide coaching and thought leadership to elevate the product security discipline across the organization.
What We're Looking For
- Bachelor’s degree in Computer Science, Engineering, Information Security, or related field.
- 15+ years of progressive experience in information security, product security, or medical device development.
- At least 8+ years in leadership roles.
- Deep expertise in security principles, methodologies, and tools for medical devices, including risk assessment, threat modeling, vulnerability management, and incident response.
- Experience with medical device design control requirements, secure coding practices, and regulatory processes.
- Proven track record of leading cross-functional teams to deliver secure hardware/software products in regulated environments.
- Strong understanding of FDA, HIPAA, GDPR, NIST, and international cybersecurity frameworks.
- Exceptional leadership, communication, and stakeholder management skills.
- Ability to influence without authority and navigate matrixed organizations.
Nice to Have
- Advanced degree.
- Industry certifications (CISSP, CISM, CISA, or medical device security-specific certifications).
Team & Environment
You will lead the Product Security function, building and mentoring a high-performing team of security professionals.
Benefits & Compensation
- Salary: $215,000.00 - $280,000.00
Work Mode
This is a remote position open to candidates located in the US.
iRhythm Technologies, Inc. is an Equal Opportunity Employer. We will consider for employment all qualified applicants with arrest and conviction records in accordance with all applicable laws.
