Skip to content
MVPeopleGroup
Application Security

Product Security Specialist

Nijmegen, GEPermanent (MVPermanent)HybridSeniorgezondheidszorg

About the assignment

A leading HealthTech organisation in medical imaging is building a dedicated product security function. You own security across the entire software development lifecycle—from policy and threat modelling through to vulnerability management and penetration testing.

This is a newly created, independent senior role with genuine autonomy. You'll embed security controls into CI/CD pipelines, manage software supply chain risk, and support regulated compliance (ISO 27001, EU MDR, NIS2). Your decisions shape how the engineering organisation approaches security.

The role sits at the intersection of developer experience and clinical responsibility: the software you secure directly impacts patient trust and breast cancer detection outcomes.

Your responsibilities

  • Own and evolve the Secure Development Lifecycle policy; embed it into engineering workflows and practices
  • Drive end-to-end vulnerability management: intake, triage, risk assessment, remediation tracking and coordinated disclosure
  • Run the penetration testing programme, including scoping, vendor coordination, findings review and remediation follow-up
  • Embed security controls into CI/CD pipelines: SAST, DAST, SCA, secrets detection and container scanning
  • Tackle software supply chain risk: SBOM processes, open-source dependency management and secure build practices
  • Lead threat modelling, secure design reviews and security risk assessments for new product features
  • Support customer security reviews and technical security discussions with enterprise stakeholders
  • Define and report product security metrics to leadership; track progress against security baselines

Tech Stack & Tools

Platforms & Tooling

SAST toolsDAST toolsSCA (Software Composition Analysis)secrets scanningcontainer scanningSBOM tooling

Frameworks & Standards

IEC 62304ISO 14971ISO 27001FDA cybersecurity guidanceEU MDRNIS2OWASPNIST SSDF

Methodologies

Secure Development Lifecycle (SDL)threat modellingvulnerability managementcoordinated disclosuresecure design review

Certifications (preferred)

CISSPCSSLPCCSPGWAPTOSCP

Must-haves

  • Background in product security, application security, cloud security or DevSecOps
  • Proven vulnerability management experience: prioritisation, remediation tracking, risk communication to technical and non-technical audiences
  • Hands-on experience with CI/CD security tooling (SAST, DAST, SCA, secrets scanning or container scanning)
  • Solid understanding of software supply chain risk, SBOMs and secure build and release practices
  • Strong cross-functional collaboration: influence without formal authority and translate security into actionable guidance

Nice-to-haves

  • Experience with medical device software, regulated environments or AI/ML-enabled products
  • Familiarity with enterprise security reviews or coordinated vulnerability disclosure programmes
  • Security certifications (CISSP, CSSLP, CCSP, GWAPT or OSCP)

What we offer

  • Genuine ownership: build product security from the ground up, not maintain existing frameworks
  • Measurable impact on clinical outcomes: your work improves breast cancer detection worldwide
  • Scale-up environment where your decisions shape how the engineering organisation evolves
  • AI-native culture: leverage AI tooling as a force multiplier in research, building and communication
  • Hybrid working based in the East Netherlands
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

1

Introduction

Phone call with your MVPeople consultant (within 24 hours)

2

Match & Brief

We discuss the assignment in detail and prepare you

3

Client meeting

Introduction to the client

4

Start

Contracting and onboarding

Details

Type

Permanent (MVPermanent)

Location

Nijmegen, GE

Work model

Hybrid

Level

Senior

Industry

gezondheidszorg

Market indication

€80,000 - €108,000 per year

Posted

14 July 2026

Job ID

56488



Contact

Apply nowMore information
Apply now