
Principal Cybersecurity Engineer - Medical Device & Cloud Security

Location:
Seattle, WA
Posted:
May 06, 2026


Resume:

Shawn E. Siah, M.S.

*****.****@*******.***

www.linkedin.com/in/sscs

San Diego, CA

Cell: 760-***-****

Principal Cybersecurity Engineer

Visionary cybersecurity engineering SME with 18 years of experience in designing and implementing secure, scalable architecture for global organizations. Expert in Medical Product Cybersecurity, cloud security, zero-trust frameworks, and AI-powered threat intelligence solutions. Deep expertise in full-lifecycle product security—from threat modeling (STRIDE) and secure architecture design to SBOM management, penetration testing, and post-market vulnerability remediation. Proven track record at Baxter developing SSDLC frameworks compliant with FDA premarket guidance, IEC 62304, ISO 14971, and UL 2900. CISSP and CCSP certified with a strong technical foundation in embedded Linux, RTOS, hardware security (OP-TEE, TrustZone), and cloud security (AWS, PKI). A cross-functional leader who bridges engineering, regulatory, and quality teams to deliver secure, certifiable medical devices. A proven leader in aligning cybersecurity strategies with business objectives, reducing risk, and enhancing organizational and product resilience. Passionate about mentoring and delivering innovative solutions to protect enterprise ecosystems from evolving threats.

Core Competencies

Cybersecurity Leadership: Strategic planning, team management, and cross-functional collaboration.

AI-Driven Threat Intelligence: Leveraging machine learning for anomaly and malware detection.

Zero-Trust Architecture: Design and implementation at enterprise scale.

Cloud Security: Compliance and solutions for AWS, Azure, and Google Cloud.

Network Security: Compliance and architecture for Cisco and Palo Alto Networks.

Identity Management: Provisioning, federation, integrations, and user lifecycle management tasks.

Product Security Engineering: Secure product lifecycle (SSDLC), security requirements, design reviews, and release readiness.

Threat Modeling & Secure Architecture: STRIDE-based modeling, abuse-case analysis, and secure design patterns for products and services.

SBOM & Open-Source Risk: SBOM governance, SCA, CVE remediation, and component provenance for audits and customer requests.

DevSecOps: Integrating security into Continuous Integration/Continuous Deployment (CI/CD) pipelines.

Security Testing Automation: Integrate SAST/DAST/SCA and secure code review into CI/CD pipelines with measurable quality gates.

Risk Management: Governance, Risk Assessment, and Compliance (GRC).

PSIRT / Coordinated Vulnerability Disclosure (CVD): Intake/triage, risk scoring, mitigation planning, and customer-facing security communications.

Data Loss Prevention (DLP): Security measures and tools designed to prevent sensitive data from being accidentally or maliciously leaked, lost, or stolen. DLP solutions monitor and control data flows across networks, endpoints, and cloud environments.

Skill Areas

•Software Code Review

•Cryptography

•Data Loss Prevention

•Data Classification

•Data Governance

•Vulnerability Management

•Project Management

•Secure Coding

•Software Development Lifecycle (SDLC)

•Network Security and Monitoring

•Securing Artificial Intelligence Applications

•Change Control Management

•System Hardening

•Cloud Security Knowledge

•Attack Surface Management

•Incident Response

•Threat Intelligence

•Communication and Presentations

•Enterprise Endpoint Protection

•CVE submissions and contributions to the security community

•IoT Security

•Identity Management

•Security testing and analysis tools

•Threat Modeling (STRIDE)

•Continuous Process Improvement

•Agile & Scrum and Collaboration

•Privileged Account Management (PAM)

•Adaptive Authentication (based on risk)

•User Entity Behavior Analytics

•STIX and TAXII

Technical Proficiencies

OS & Cloud Platforms: Linux, Unix, AIX, Solaris, AWS, Azure, Microsoft 365

Frameworks: NIST 2.0, NIST SP 800-53, ISO 27001, IEC 62304, ISO 14971, ISO 13485, UL 2900, FIPS 140-2, DO-178B/C, STRIDE, CVSS, SABSA, TOGAF, GMPs, 21 CFR Part 11, GAMP 5, GCP/GLP, HIPAA, SOX, GDPR, PII, PHI

Cybersecurity: STRIDE, secure boot, secure firmware update, secure communication TLS 1.3 and PKI key management, Burp Suite, nmap, Metasploit, IDA Pro

Languages: Python, C/C++, React, Qt, Swift, Java, PHP, JavaScript, Bash, KornShell

Database Systems: Oracle (incl. ASM), SQL Server, MySQL, PostgreSQL, MongoDB

Tools: Next-Gen Firewalls & Switching, Network IDS/IPS, Email Security Gateways, Endpoint Protection (EDR/MDR/UEBA), CloudTrail, Security Hub, GuardDuty, Vulnerability Scanning, Identity & Access Management, SIEM, CMDB, PAM, SCA, SAST, DAST, Darktrace, Carbon Black, Microsoft Sentinel, Sumo Logic, Splunk, Palo Alto Cortex XSOAR, Palo Alto Prisma, Cybellum, Veracode, SonarQube, SentinelOne, Traceable, CrowdStrike Falcon ASM, Proofpoint, Armis (Asset Inventory)

Key Accomplishments

Designed and implemented a zero-trust architecture, resulting in a 50% reduction in unauthorized access incidents.

Developed threat detection systems that identified and mitigated 95% of anomalies in real-time.

Led a team of 15 security analysts, improving incident response time by 60%.

Conducted risk assessments for a multinational company, resulting in a 40% reduction in vulnerabilities.

Spearheaded cloud security initiatives, ensuring compliance with NIST 2.0, ISO, IEC, HIPAA standards.

Career Experience

Principal Cybersecurity Engineer, Boston Scientific (Consultant) April 2025 – Present

Lead principal-level cybersecurity engineering efforts focused on secure architecture, risk reduction, and enterprise security controls across business and product environments. Partner with cross-functional stakeholders to drive security-by-design, improve vulnerability management and incident readiness, and align security initiatives with regulatory and industry frameworks.

Product cybersecurity focus: embed security requirements and controls into the product lifecycle, including secure architecture reviews, threat modeling, SBOM governance, and vulnerability management; partner with R&D and quality/regulatory teams to support release readiness, post-market surveillance, and customer/third-party security assessments.

Drive product security-by-design across the lifecycle; improve security gating and reduce late-stage security findings by 25% prior to release.

Increase SBOM availability for customer/regulatory requests to 90% of in-scope releases and shorten fulfillment turnaround from 10 business days to 3.

Implement risk-based vulnerability triage (CVSS + exploitability + patient safety impact), improving on-time remediation to 85% and reducing critical/high aging items by 30%.

Integrate SAST/DAST/SCA into CI/CD for product teams; raise automated security test coverage to 70% and cut release security review cycle time by 30%.

Strengthen PSIRT/CVD execution by standardizing intake, triage, and comms; reduce disclosure triage time from 60 days to 30 days and sustain 90% customer notification SLA adherence.

Lead threat modeling and security architecture reviews across product lines; identify high-risk abuse cases early and drive mitigations prior to release.

Define and operationalize security requirements across SDLC/SSDL (authN/authZ, crypto, logging, secure updates), improving release readiness and reducing late-stage security defects.

Expand SBOM coverage and open-source governance (SCA); reduce critical/high CVE backlog by 30% and improve remediation SLA compliance from 80% to 90%.

Create security architecture patterns and reference designs (identity, encryption, telemetry), accelerating delivery by enabling teams to reuse approved controls across 2 programs.

Drive a risk-based product security roadmap; deliver 6 priority initiatives in 6 months and decrease overdue remediation items by 20%.

Establish product security KPIs/KRIs and executive reporting; improve visibility of risk posture across 2 portfolios and increase on-time remediation from 70% to 85%.

Lead third-party and supplier security assessments; standardize intake and reduce assessment cycle time by 25% while improving remediation tracking for high-risk findings.

Run product incident tabletop exercises and refine playbooks; improve cross-team response readiness and decrease time-to-containment during simulations by 33%.

Mentor engineering teams on secure design/coding and drive secure SDLC governance; increase security training completion from 60% to 85% and reduce recurring findings by 40%.

Principal Cybersecurity Engineer, Danaher (Consultant) April 2023 – April 2025

Served as a cybersecurity SME, identifying vulnerabilities, implementing security controls, and monitoring the threat landscape to reduce risk across product and enterprise environments. Led security operations strategy spanning vulnerability management, incident response, application security, threat monitoring, and risk assessment; partnered with global teams to deliver roadmaps for continuous improvement. Ensured alignment with business objectives and regulatory requirements in collaboration with R&D, Quality, Regulatory Compliance, Legal, Sales, and Manufacturing.

Performed vulnerability assessments and penetration testing to identify and remediate security weaknesses.

Developed threat models and drove mitigations to address product and application security risks.

Automated security workflows using Python and APIs to improve vulnerability management, compliance monitoring, and threat detection.

Led incident response activities, including coordination, containment, and recovery for security events.

Performed secure code reviews and validated adherence to secure coding practices.

Partnered with cross-functional teams (e.g., R&D, scientists, manufacturing, IT, and compliance) to integrate security controls into key processes, including the Software Development Lifecycle (SDLC).

Conducted risk assessments and security monitoring activities to identify and mitigate risks across business operations proactively.

Led IAM initiatives, including user lifecycle management, privileged access governance, and RBAC to strengthen security posture.

Conducted assessments and enforced security controls to manage third-party integration risks.

Delivered security awareness training on secure practices and emerging threats.

Ensured compliance with ISO/IEC 27001, NIST, HITRUST, HIPAA, GDPR, GMP, 21 CFR Part 11, and GxP requirements for PII/PHI.

Software Bill of Materials (SBOM) Management: Maintain the integrity of SBOMs to secure software components.

Process and Budget Management: Implement quality systems, manage cybersecurity budgets, and drive continuous process improvements.

Conduct comprehensive risk assessments to evaluate the impact of security threats and vulnerabilities.

Pre-Sales Technical Support, ensuring solutions are aligned with client needs and product capabilities, while training sales teams on compliance offerings.

Stayed current with emerging security threats, regulatory changes, and trends; contributed as a member of the Cybersecurity Council and Incident Response Team.

Principal Cybersecurity Engineering, PriceSmart, Inc., San Diego, CA, May 2014 – April 2023

Designed and implemented security frameworks for enterprise systems; conducted risk assessments, led incident response, and partnered with cross-functional teams to integrate controls into enterprise operations and the SDLC. Led company-wide security training, audits, vulnerability assessments, code reviews, and change control processes.

Built relationships with external security organizations, agencies, and law enforcement to share threat intelligence and strengthen incident response. Optimized headcount, budgets, training, and systems; recruited, onboarded, developed, and evaluated staff; and supported promotions and recognition decisions.

Designed and implemented a zero-trust architecture across a global enterprise, resulting in a 55% reduction in security breaches.

Spearheaded the adoption of AI and machine learning tools, resulting in a 65% reduction in threat detection and response time.

Developed and implemented Python-based integrations for security tools to enhance threat detection, compliance enforcement, and incident response.

Automated security workflows using dynamic scripting and API-driven solutions to strengthen security posture and reduce operational risks.

Built and led a global team of over 20 engineers, fostering innovation and collaboration to resolve over 1,000 security incidents annually.

Directed the migration of enterprise applications to AWS and Azure, ensuring security and compliance with NIST 2.0 standards.

Developed a multi-layer defense strategy that mitigated APTs and reduced system vulnerabilities by 45%.

Participated in software code reviews to identify potential security issues.

Supported change control processes to ensure secure and stable system updates.

Managed an annual Information Security budget of $2.1 million.

Education

Master of Science in Cybersecurity Engineering & Operational Leadership, University of San Diego, San Diego, CA

Licenses & Certifications

Certified Information Security Professional (CISSP), ISC2, 2022

Certified Cloud Security Professional (CCSP), ISC2, 2022

Memberships

ISACA member

ISC2 Member

CISA CVE Naming Authority Program

Health-ISAC member

Health-ISAC Americas Chapter Medical Device Security Council

Health-ISAC Vulnerability Management Working Group

Health-ISAC Artificial Intelligence Working Group

Health-ISAC Cyber Security Risk Management Working Group

Health-ISAC Diversity and Inclusion Working Group

Health-ISAC Human Risk Working Group

Health-ISAC IT Risk Management Working Group

Health-ISAC CTI Program Development Working Group

Health-ISAC Western Chapter of the Pacific Medical Device Security Council (MDSC)

Danaher Global Product Council

Thursday Defense Working Group

Training

Splunk Fundamentals 1, 2, and 3, Splunk Education Center, 2019

ISC2 - ISSAP Training Program, in progress

Advanced Threat Modeling Course, 2024

Secure Coding Training, 2024

Presentations

Security Awareness Training, during Cybersecurity Month, 2019 - Present

Affiliations

Member – California Chapter, (ISC)2, Nov 2022 – Present

Member – San Diego Chapter, Information Security Association (ISSA), Aug 2022 – Present


