About Us
Oxford Nanopore Technologies (ONT) and its subsidiary Oxford Nanopore Diagnostics (OND) are leaders in next-generation gene sequencing (NGS), developing, manufacturing, and selling products based on ONT’s unique nanopore-based technology. Our platforms are used globally for both Research Use Only (RUO) and in-vitro diagnostic (IVD) applications. With design and manufacturing based in Oxford and a global customer base, our products must comply with international regulatory standards—managed via ISO 13485 (OND) and ISO 9001 (ONT) Quality Management Systems.
The Role
We are seeking a highly skilled Software and Cyber Security Compliance Engineer to join our Quality Assurance team. This role works closely with engineering to ensure our standalone software products, cloud services, and connected devices comply with global cybersecurity standards and regulatory frameworks, including FDA, ISO 13485, IEC 62304, and others. You’ll be based full-time at our Oxford Science Park facilities, with flexibility under our remote working policy.
Key Responsibilities
Independently review and contribute to software plans, architecture designs, risk reviews (including threat modelling), compliance assessments, design tracing, and test reviews. Provide oversight on change control, non-conformance, audits, CAPA, risk management, and post-market surveillance related to software, firmware, and cloud-based products. Ensure lifecycle activities align with applicable standards, internal procedures, and global regulations. Participate in and support internal/external audits, including regulatory and certification audits. Review and approve processes, documents, and records related to design and development. Collaborate across software development, manufacturing, and distribution teams.
What We’re Looking For
Essential Qualifications & Experience:
HND, Bachelor’s, or Master’s in Computer Science, Software Engineering, Cybersecurity, Biomedical Engineering, or related field. 3–5 years’ experience in software compliance and cybersecurity for regulated hardware/software products. Hands-on knowledge of IEC 62304 or similar regulated software development standards. Familiarity with standards/guidelines including IEC 62304, UL 2900, CVSS3.0, IEC 81001/80001 series, NIST 800-53, and FDA cybersecurity guidance. Experience with secure lifecycle development, threat modelling, penetration testing, vulnerability assessment, and CVE scoring. Excellent documentation, communication, and cross-functional collaboration skills. Familiarity with ISO 9001 is essential.
Desirable:
Experience in IVD or medical devices. Exposure to ISO 14971, ISO 13485, ISO 27001. Understanding of frameworks such as NIS2, Cyber Resilience Act, HIPAA Security Rule. Cybersecurity certifications (CISSP, CISM, or equivalent). Qualified lead auditor.
Personal Attributes:
Strong interpersonal and influencing skills. High attention to detail and prioritisation based on risk. Comfortable working in fast-paced, agile, regulated environments. Excellent English communication skills (written and spoken). Self-driven, flexible, and solution-oriented mindset.