Senior Engineer - Cyber Security

About Pramana: Pramana, inc. is based in Cambridge, MA (USA), with R&D and manufacturing sites in Bangalore (India), Rochester (MN, USA) and Toronto (Canada). Pramana was established in 2021 as a spin-off from Nference. inc. Pramana’s vision is to bring fully autonomous systems to pathology labs and enable them to achieve AI-enabled workflows for serving patients. Pramana’s unique offering in this ecosystem is powered by its differentiated approach to hardware-software co-design. Visit us at to learn more. About the Role We are seeking a highly skilled and experienced Cybersecurity Professional to join our team. This role is critical in ensuring that our digital pathology solutions meet regulatory requirements and maintain the highest standards of cybersecurity. The ideal candidate will have a deep understanding of medical device cybersecurity, regulatory compliance, and quality management systems, particularly in the context of FDA, CE Mark, and US Federal Government requirements. Key Responsibilities: Regulatory Compliance:

• Ensure compliance with FDA cybersecurity guidelines for medical devices, including risk management and mitigation strategies.

Risk Management:

• Conduct comprehensive risk assessments to identify potential cybersecurity threats and vulnerabilities.
• Develop and implement risk mitigation strategies to protect our digital pathology systems.

Quality Management System (QMS):

• Integrate cybersecurity best practices into our ISO 13485 certified QMS.
• Develop and maintain cybersecurity policies and procedures in line with ISO 13485 standards. Support internal and external audits by providing evidence of cybersecurity measures and their effectiveness.

Continuous Monitoring and Incident

• Implement continuous monitoring processes to detect and respond to cybersecurity incidents promptly.
• Develop and maintain incident response plans to address and mitigate the impact of cybersecurity breaches.

Collaboration and Training:

• Work closely with cross-functional teams, including product development, IT, and regulatory affairs, to ensure cybersecurity is considered at every stage of the product lifecycle.
• Provide cybersecurity training and awareness programs for employees to foster a culture of security.

Qualifications: -Bachelor’s degree in Computer Science, Information Security, or a related field; advanced degree preferred. -Minimum of 4 years of experience in cybersecurity, preferably in the medical device or healthcare industry. -In-depth knowledge of FDA cybersecurity guidelines, EU MDR requirements, and US Federal Government cybersecurity standards. -Experience with ISO 27001 and integrating cybersecurity into QMS. -Proven track record of successfully navigating the ATO process. -Strong understanding of risk management principles and methodologies. -Excellent problem-solving skills and attention to detail -Strong communication and collaboration skills.