Senior Mobile Security Engineer (Remote/Flexible)

Insulet started in 2000 with an idea and a mission to enable our customers to enjoy simplicity, freedom and healthier lives through the use of our Omnipod® product platform. In the last two decades we have improved the lives of hundreds of thousands of patients by using innovative technology that is wearable, waterproof, and lifestyle accommodating.

Senior Mobile Security Engineer
Position overview:
Insulet is a leading developer and manufacturer of wearable, connected medical devices and is
seeking a seasoned mobile security expert to join the Product Cybersecurity Team and support the
R&D teams in developing next generation IoT solutions for the Android and iOS platforms. Our state
of the art, next generation medical devices are industry leaders in automated insulin delivery. If you
have experience in areas such as threat modeling, mobile application security, security architecture,
cyber resiliency, and security operations; you may be the right individual to help us secure the mobile
medical device experiences of our patients.
Responsibilities
· Researching, developing, and improving defensive tactics, techniques, and procedures for detecting
and responding to mobile cybersecurity threats for medical device applications.
· Performing security evaluations and internal penetration testing of medical device applications for
the Android and iOS platforms.
· Conduct regular risk assessments of the mobile applications by creating, updating and maintaining
threat models and performing code reviews.
· Work with engineering and systems teams to ensure secure design, development and validation of
our products, configure and deploy new tooling, and improve response capabilities.
· Analyze security data and report on threats and incidents across various platforms and
environments.
· Interact directly with the security community regarding mobile security vulnerabilities and threats.
· Lead mobile security training, outreach and reviews for internal development teams.
· Ensure products comply with FDA guidance and regulations for cybersecurity.
· Work alongside the mobile security architect to execute on security initiatives.
Education and Experience
· BS/MS in Computer Science, Information Systems, Computer Engineering, or the equivalent in
experience and evidence of exceptional ability.
· Excellent understanding and experience in multiple security domains such as application security,
mobile security, hardware security, and incident response.
· Programming skills in Java, Kotlin, Swift, Python or other languages.
· Automation and development experience in Python, Go, Rust, C++, JavaScript, etc.
Required Skills and Competencies
· Strong knowledge of OWASP Mobile Application Security Verification Standard (MASVS)
· Strong knowledge of OWASP Mobile Application Security Testing Guide (MASTG)
· Strong knowledge of both Android and iOS platforms.
· Experience with static and dynamic penetration testing.
· Experience with code protection tools such as Dexguard.
· Experience performing threat modeling and risk analysis of mobile applications
· Possess strong English writing and communication skills.
Preferred Skills and Competencies
· Experience working to secure the development of medical device applications
· Experience working with medical devices and relevant FDA regulations for cybersecurity.
· Experience working with multiple stakeholders such as engineering/systems teams, internal
business units, and external incident response teams throughout the incident lifecycle.
· Strong knowledge of MITRE ATT&CK Framework – Mobile Matrices
· Strong knowledge of NIST Cybersecurity Framework

NOTE: This position is eligible for 100% remote working arrangements (may work from home/virtually 100%; may also work hybrid on-site/virtual as desired). #LI-Remote  

Additional Information: