At Medcrypt, we aren’t just "checking boxes" for compliance; we are securing the future of healthcare. We’re looking for a Senior Cybersecurity Consultant who lives for the delivery, someone who thrives on taking a complex security challenge and turning it into a seamless, high-value experience for our medical device clients.

This is a role for a self-starter who doesn't need a map to find the destination. You’ll be the face of Medcrypt for our customers and an internal Services champion, ensuring that every engagement is met with technical excellence, clear communication, and a proactive "get-it-done" attitude

What You’ll Do

• Lead Customer Engagements: Act as the primary technical point of contact and trusted advisor for consulting projects, driving end-to-end delivery from the initial sales hand-off to the final executive presentation.
• Deliver Rigorous Technical Reviews: Evaluate client documentation—including threat models, architecture diagrams, data flows, SBOMs, and vulnerability assessments—ensuring they accurately reflect device architectures (OS, cloud services, embedded systems, wireless interfaces).
• Identify & Explain Security Gaps: Analyze client systems for weak assumptions, missing interfaces, and vague threat events. Translate these complex technical deficiencies into clear, actionable risk rationales for the client's product team.
• Evaluate Core Controls: Assess client technologies against core technical controls, including authentication, TLS, certificate/key management, secure boot, code signing, logging, and postmarket monitoring.
• Translate Complexity: Bridge the gap between deep technical security vulnerabilities and executive-level business or regulatory risks, delivering difficult feedback to clients with diplomacy and clarity.
• Drive Process Excellence: Maintain a reputation for polished, high-quality deliverables. Identify gaps in existing delivery workflows and build internal tools, templates, or AI-driven processes to optimize execution.

Who You Are

The Seasoned Consultant: You have 3–5 years of experience in cybersecurity consulting or professional services. You’ve "been in the room" with clients, understand how to manage expectations, and are obsessed with project success.

Technical First: You possess a strong technical foundation in product security, application security, embedded/IoT systems, cloud architecture, or secure development. You can reason through how systems actually work, where keys live, and what an attacker could realistically do.

An Elite Communicator: You can comfortably review complex technical evidence and articulate findings to both deep-dive engineering teams and non-technical executive stakeholders. You are comfortable providing difficult feedback to clients when you identify design or implementation issues that could result in unacceptable cybersecurity risk to a device or to patients

Autonomous & Solution-Oriented: You don’t wait for a task list. You see the project's objective, anticipate client hurdles, and clear them before they impact delivery timelines.

Core Requirements

• 3–5+ years of hands-on cybersecurity experience designing, defending, testing, or auditing real systems (products, applications, networks, cloud environments, or embedded/connected devices).
• Technical Cybersecurity Foundation, in one or more relevant areas such as:as product security, application security, embedded/IoT security, cloud security, network security, penetration testing, vulnerability management, secure software development, or security architecture
• Ability to review cybersecurity documentation and technical evidence, including architectures, data flows, interfaces, threat models, risk assessments, vulnerability reports, security testing evidence, SBOM materials, and control descriptions.
• Proven track record in a client-facing consulting role where performance was measured by project ownership, client satisfaction, and successful end-to-end delivery.
• Working knowledge of common security controls and failure modes, including authentication, authorization, encryption, TLS, key/certificate management, secure boot, code signing, software updates, logging, access control, hardening, vulnerability handling, and insecure data storage.
• Ability to identify and explain cybersecurity gaps, including missing attack surfaces, incomplete threat coverage, unsupported security claims, weak control rationales, unclear trust boundaries, incomplete remediation evidence, and risks affecting confidentiality, integrity, availability, safety, or effectiveness.
• Exceptional writing and presentation skills, the ability to write a technical security report that is as clear, comprehensive, and polished as it is secure.
• Strong working knowledge of common controls and failure modes (e.g., authentication, encryption, key management, secure boot, software update integrity, and insecure data storage).
• Multi-project fluency: Ability to manage multiple client workstreams simultaneously without dropping the ball.
• Tech-Forward: Comfortable leveraging AI, LLM tooling, and security intelligence platforms to accelerate daily delivery workflows.

Benefits:
Fully remote work
Health insurance
Flexible work schedule
Progressive parental and paid family leave
Unlimited vacation policy
Market salaries
401k match
High degree of autonomy

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification in the job posting. At Medcrypt we are committed to creating a diverse and inclusive environment so we strongly encourage you to apply even if you don't believe you meet every single qualification outlined.

To apply, please forward your resume to [email hidden] with the role in the subject line.

About the interview

We do not use AI tools to screen for applicants. All applicants will be reviewed by a real human. Only candidates selected for an interview will be contacted.

Phase 1: 15 minute call with internal recruitment team

Phase 2: 30 minute interview with hiring manager

Phase 3: 60 minute panel technical interview