Principal SDET, Cybersecurity Test Engineer
Job Description
System One invites a seasoned security-minded software quality engineer to join our Denver, CO onsite team as a Principal SDET, Cybersecurity Test Engineer. This role centers on shaping and embedding cybersecurity throughout the software development lifecycle for medical devices, ensuring tests are comprehensive, verifiable, and actionable. The position offers a competitive annual salary of USD 144,000 to 180,000, a full suite of health and welfare benefits, and a 401(k) plan. You will lead cross-functional efforts within R&D, drive security testing strategy, and mentor engineers to raise the bar on product security.
Responsibilities
- Define a standardized cybersecurity testing strategy for the Software Quality Engineering organization that aligns with product architecture, regulatory requirements, and business goals.
- Provide training and mentorship on cybersecurity testing practices, develop training materials, and conduct knowledge transfer sessions so teams can operate independently.
- Create cybersecurity test plans that satisfy medical device regulatory standards and expectations.
- Conduct risk and vulnerability assessments on new and existing products and implement security testing protocols to safeguard sensitive data.
- Oversee design and execution of automated test scripts and frameworks across the test pyramid, applying security-focused design patterns.
- Lead dynamic application security testing (DAST) initiatives and advise on feasibility, implementation, and ongoing maintenance of security test automation.
- Collaborate with architecture teams to establish cybersecurity testing standards and influence software architecture and development practices to surface vulnerabilities earlier.
- Partner with development, cybersecurity, and quality assurance teams, engineers, and architects to identify vulnerabilities and embed security testing into the product lifecycle.
- Coordinate with external partners and consultants on joint security testing efforts.
- Contribute to multiple codebases within Scrum teams, address environment and test automation challenges, and review and approve code and test changes.
- Guide discussions on the appropriate test level for a given feature and engage across levels as needed to meet security objectives.
- Stay current with evolving cybersecurity threats, tools, and practices, updating testing methods accordingly.
Qualifications
- Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent education and experience.
- Minimum 8 years in an SDET role, including at least 5 years focused on cybersecurity testing.
- Solid computer science foundation with knowledge of design patterns, data structures, OOP, and software design principles.
- Proficiency in object-oriented and embedded software development using C#, C++, and Python.
- Deep expertise in cybersecurity principles, frameworks, and secure software development practices, with emphasis on medical devices.
- Experience identifying, assessing, and mitigating security vulnerabilities, including performing formal risk assessments.
- Extensive background designing and implementing automated test frameworks and scripting solutions.
- Proven ability to apply cybersecurity testing across unit, integration, and system levels.
- Experience integrating automated testing and security into CI/CD pipelines (DevSecOps).
- Hands-on use of DAST and other security testing tools, methodologies, and techniques.
- Relevant cybersecurity and product security certifications (e.g., CISSP, CSSLP, OSCP).
- Familiarity with modern development technologies including Docker, REST APIs, JSON, and Azure cloud.
- Strong source code management skills and experience with Git-based collaboration workflows.
- Proven ability to drive organizational change, align stakeholders, and promote engineering and security best practices.
- Demonstrated technical leadership and strong cross-functional communication to influence architecture, development, and quality strategies.
- Self-driven, adaptable, and committed to continuous learning, innovation, and process improvement.
Technologies
- C#
- C++
- Python
- Docker
- REST APIs
- JSON
- Azure
- Git
- DAST
Benefits
- Health and welfare coverage including medical, dental, vision, spending accounts, life insurance, and voluntary plans, plus a 401(k) retirement plan.