Securities Finance Product Specialist

About the Job We are seeking a Product Security Specialist with expertise in connected / IoT medical devices or healthcare products to join our team. The ideal candidate will work with clients to advise and shape the overall security strategy for products, ensure secure design, development, and deployment across the entire product lifecycle, and implement industry best practices to protect sensitive healthcare data. Collaborate with client product teams and functional groups to define objectives, establish scope, and set timelines for critical product security initiatives, as well as design delivery approaches. Evaluate security risks across client product portfolios and propose remediation solutions that align both technical requirements and business goals. Provide guidance on coding practices, threat modeling, and security testing strategies for embedded systems and IoT devices, ensuring adherence to relevant industry regulations. Partner with client R&D teams to drive secure code reviews, conduct threat modeling, perform security risk and vulnerability assessments, and validate security controls. Stay informed on emerging cybersecurity threats within the IoT and medical device sectors and develop thought leadership content to represent PA’s expertise and viewpoint. Promote team development by supporting training initiatives and delivering high-quality outcomes. Lead projects with confidence, applying a consultative approach to address challenges and deliver solutions. 8+ years of hands-on experience in IoT security, ideally within the medical device or pharmaceutical sectors. ~ Expertise in security frameworks (such as NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and familiarity with standards including FDA cybersecurity guidance. ~ Demonstrated ability to assess security risks through recognized methods (e.g., penetration testing, threat modeling, security testing) and evaluate residual risks with compensating controls. ~ Solid experience in applying and proving compliance with frameworks like NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2, as well as working with Quality Management Systems (QMS). ~ Proven ability to author thought leadership pieces and deliver insights on new and emerging security developments.