At Spacelabs Healthcare, we innovate to improve clinical and economic outcomes through advanced healthcare technology. Our solutions deliver critical patient data, enable better decisions, and help create safer patient environments. Lives depend on you.The Role:We are looking for a senior, hands-on Principal Cybersecurity Test Engineer to join our Cybersecurity Team. You will lead and execute advanced penetration testing across products, applications, infrastructure, and medical devices, ensuring robust security controls are in place and effective.Responsibilities:Design and execute advanced penetration tests on products, applications, and systems, simulating real-world threat actor techniquesResearch emerging threats, vulnerabilities, and attacker intelligence using internal and external sourcesCreate and manage security assessment plans; develop, evaluate, and apply exploits and testing toolsDocument test scope, scenarios, findings, evidence, and recommendations in formal reportsProvide regular assessment status updates and participate in technical and management reviewsPerform secure code reviews, integration testing, defect analysis, and implement approved software changesSupport product investigations related to security complaints and incidentsDevelop internal tools to support Cybersecurity team activitiesContribute to security awareness, training, and company-wide knowledge-sharing initiativesCollaborate closely with cross-functional teams, participate in requirements reviews, and adhere to corporate standards, processes, and proceduresRequirements:Deep expertise in firmware, OS, applications, networking, protocols, encryption, and access controlAttend the office three times per week in Edinburgh.Strong coding skills (Assembly, C/C++, Java, C#, .NET, Python, etc.)Advanced knowledge of Linux & Windows, databases (SQL Server, MySQL, Postgres), and web/app serversNetworking expertise (routing, switching, firewalls, vulnerabilities)Hardware security and hacking (JTAG, FPGA, USB, etc.)Proficiency with security tools (Kali Linux, Nessus, InsightVM, Metasploit, Burp Suite, Wireshark, NetSparker)Secure coding (OWASP), MITRE/SANS Top 25, SSDLC, static code analysisSecurity Frameworks (ISO 2700x, NIST Special Publications)Cloud development and cloud security testingKnowledge of medical device regulations and quality systemsFamiliarity with common attacks (XSS, CSRF, privilege escalation, auth/authz flaws, password cracking)Education & ExperienceDegree in Computer Science, Cybersecurity, Information Security, or Software EngineeringJBRP1_UKTJ