eInfochips (an Arrow company):
eInfochips, an Arrow company (a $27.9B, NASDAQ-listed (ARW) company ranked on the Fortune list), is a leading global provider of product engineering and semiconductor design services. With a proven track record of 25+ years and a team of 2500+ engineers, it has been instrumental in developing 500+ products and 40M deployments in 140 countries. The company's service offerings include silicon engineering, embedded engineering, hardware engineering and digital engineering services. eInfochips services 7 of the top 10 semiconductor companies and is recognized by NASSCOM, Zinnov and Gartner as a leading semiconductor service provider.
Job description:
Experience level: 5+ years
Key responsibilities:
- Drive end-to-end cybersecurity integration across the medical device product development life cycle, ensuring security is embedded from concept to release.
- Develop and maintain cybersecurity for medical products, including security requirements specifications, risk assessments, threat models, and product security architecture documentation.
- Conduct thorough gap assessments to evaluate compliance with IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97 standards, and implement remediation measures.
- Perform hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT (Internet of Medical Things) components, and connected systems.
- Collaborate closely with development, compliance, and regulatory teams to ensure product security measures meet both internal security policies and external regulatory expectations.
- Support SBOM management, software supply chain risk evaluations, and third-party component analysis to maintain software transparency and mitigate risks.
- Provide expert input on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems.
- Assist in developing incident response strategies and bring working knowledge of HIPAA, GDPR, and HL7 to address data privacy and healthcare-specific regulatory concerns.
- Contribute to the continuous enhancement of internal secure development processes, tools, and methodologies, while championing security best practices within product teams.
Required skills and qualifications:
- Minimum of 6 years of experience in cybersecurity, including at least 3 years focused on medical devices, embedded systems, or IoT security.
- Proven track record in authoring security design, defining technical requirements, and documenting security architectures aligned with regulatory needs.
- Hands-on experience in embedded system security including secure boot, firmware security, threat modeling techniques (e.g., STRIDE, DREAD), and product-level risk assessments.
- Strong understanding of IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97, along with working knowledge of the medical device product development lifecycle and quality standards like ISO 14971.
- Demonstrated expertise in vulnerability management and penetration testing of connected products across device and cloud ecosystems.
- Familiarity with data privacy and interoperability standards such as HIPAA, GDPR, and HL7 is highly desirable.
- Excellent problem-solving skills, critical thinking, and ability to lead gap analysis and remediation activities in regulated environments.
- Strong collaboration skills with the ability to influence cross-functional teams including R&D, compliance, and product management.
Why join us?
- Opportunity to work on cutting-edge technologies.
- Lead a high-performing team in a fast-paced, dynamic environment.
Location: Ahmedabad/Pune/Noida/Bangalore/Hyderabad/Indore
We are looking for candidates who can join immediately or within 30 days.
Interested candidates can share resume on