Cybersecurity Compliance Engineer

Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions.

Are you a Cybersecurity Expert with a strong foundation in regulatory compliance and secure cloud-native software development?

At Varian, A Siemens Healthineers Company, we’re looking for a skilled professional to lead cybersecurity and compliance activities for a cloud-native SaaS application operating in the regulated medical device domain.

In this role, you will own and evolve our Information Security Management System (ISMS), ensure adherence to international cybersecurity frameworks, and drive certification readiness across the product lifecycle.

Key Responsibilities:

Security & Compliance Leadership

• Own the Information Security Management System (ISMS) and oversee its continuous improvement and certification status.
• Ensure the product meets global cybersecurity regulations, frameworks, and market‑specific compliance requirements (e.g., ISO 27001, SOC 2, C5, ENS, HDS).
• Prepare for, support, and lead internal and external audits, ensuring consistent compliance across teams and documentation.

Pre‑Market Cybersecurity

• Plan, design, and implement security controls for cloud applications aligned with regulatory expectations.
• Conduct and document threat modeling, cybersecurity risk assessments, static code analysis, and third‑party vulnerability testing to ensure regulatory conformity before release.

Post‑Market Cybersecurity

• Perform ongoing compliance monitoring, including vulnerability scanning, incident evaluation, and cybersecurity risk re‑assessment.
• Investigate post‑market cybersecurity complaints and escalations, ensuring timely mitigation and regulatory documentation.

Continuous Compliance Awareness

• Track evolving cybersecurity regulations, standards, and industry best practices—keeping our SaaS platform aligned with the expectations of a regulated medical environment.

About the Product

Noona is an oncology‑focused, cloud‑based SaaS solution supporting patients from diagnosis through follow‑up care. Integrated with ARIA CORE and other hospital information systems, Noona enhances patient care by delivering timely treatment information and extending clinical support directly to patients beyond the hospital environment.

Tech Stack

• Backend: Java, Kotlin with Spring
• Frontend: TypeScript, Angular
• Mobile: Ionic
• Data: PostgreSQL, Snowflake
• CI/CD: GitLab
• Cloud: AWS native SaaS

What You Should Have

• BSc/MSc in Computer Science or a related field
• 3+ years of experience in cybersecurity
• Hands-on experience implementing security compliance frameworks (e.g., ISO 27001, SOC‑2, Germany C5, Spain ENS, France HDS) in a mid-sized organization
• Experience with cloud-native products on AWS or Azure
• Strong collaboration skills and a can‑do mindset
• Excellent communication skills in English (no Finnish required)

Nice to Have

• Experience in the healthcare or regulated software domain
• Prior work with SOC‑2, C5, ENS, HDS, or similar frameworks
• Relevant cybersecurity certifications

If you’re passionate about cybersecurity, compliance, and improving patient care through secure cloud technologies, we invite you to apply and make an impact at the intersection of healthcare and innovation.

#LI-HYBRID

Who we are: We are a team of more than 72,000 highly dedicated Healthineers in more than 70 countries. As a leader in medical technology, we constantly push the boundaries to create better outcomes and experiences for patients, no matter where they live or what health issues they are facing. Our portfolio is crucial for clinical decision-making and treatment pathways.

How we work: When you join Siemens Healthineers, you become one in a global team of scientists, clinicians, developers, researchers, professionals, and skilled specialists, who believe in each individual’s potential to contribute with diverse ideas. We are from different backgrounds, cultures, religions, political and/or sexual orientations, and work together, to fight the world’s most threatening diseases and enable access to care, united by one purpose: to pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

To find out more about Healthineers’ specific businesses, please visit our company page here.

As an equal opportunity employer, we welcome applications from individuals with disabilities.

Data Privacy: We care about your data privacy and take compliance with GDPR as well as other data protection legislation seriously. For this reason, we ask you not to send us your CV or resume by email. We ask instead that you create a profile where you can upload your CV. Setting up a profile also lets us know you are interested in career opportunities with us and makes it easy for us to send you an alert when relevant positions become open. Register here to get started.

Beware of Job Scams: Please beware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as Siemens Healthineers recruiters/employees.  These scammers may attempt to collect your confidential personal or financial information.  If you are concerned that an offer of employment with Siemens Healthineers might be a scam or that the recruiter is not legitimate, please verify by searching for the posting on the Siemens Healthineers career site.

To all recruitment agencies: Siemens Healthineers does not accept agency resumes. Please do not forward resumes to our jobs alias, employees, or any other company location. Siemens Healthineers is not responsible for any fees related to unsolicited resumes. As an equal opportunity employer, we welcome applications from individuals with disabilities.