Desired start date: May 2026

Location: San Carlos

We believe the future of the operating room lies in the hands of the empowered surgeon. They are bolstered with complete control, renewed confidence, and technology adaptable to any situation.

Our Maestro System delivers this empowerment, resulting in improved operating room efficiency and surgical care for patients - We are using tomorrow's technology to change surgery today.

Our blended French-American team is passionate about building this future. Together we are pushing the boundaries in a fast-paced yet focused and deliberate environment. We challenge ourselves often and celebrate our achievements. We believe that communication and planning are as important as execution.

Moon Team Photos 2.jpg

🎉 The Role

Your Core Responsibilities

Update and maintain the cybersecurity architecture documentation of the Maestro robotic platform, including data flows, trust boundaries, and threat models.
Design and implement automated tools for vulnerability analysis (e.g., SBOM parsing, CVE enrichment, contextual risk scoring).
Contribute to the automation of pre-market cybersecurity processes aligned with FDA and CE guidance (threat modeling, risk assessments, security documentation).
Build internal applications and scripts that streamline vulnerability triage, remediation tracking, and security metrics reporting.
Integrate security checks into CI/CD pipelines to improve software supply chain visibility and traceability.
Collaborate with Software, DevOps, Regulatory, and Systems Engineering teams to ensure cybersecurity is embedded into product development.
Conduct technical presentations and demos of tools and findings to cross-functional stakeholders.

How You’ll Fit In

You will be an integral part of the Moon Surgical product security function, helping secure next-generation surgical robotic systems deployed in hospitals worldwide.
Your work will directly contribute to FDA and CE submissions.
You will gain hands-on experience in medical device cybersecurity, secure software development lifecycle (SSDLC), regulatory compliance, and security automation within a fast-growing robotics startup.
You will be mentored by staff security engineers and gain exposure to real-world risk management challenges in connected medical systems.

🧭 Qualifications, Skills & Attributes

Currently enrolled in a Bachelor’s or Master’s program in Computer Science, Software Engineering, Cybersecurity, or a related field.
Strong proficiency in Python (experience/interest in building scripts, automation tools, or optimization workflows using agentic AI).
Familiarity with software security fundamentals (OWASP, secure coding practices, common vulnerability classes).
Basic understanding of networking concepts, Linux systems, and containerized environments.
Interest in medical device cybersecurity, regulatory frameworks (FDA, CE, ISO 13485), or secure software development lifecycle practices.
Experience with Git, CI/CD pipelines, or DevSecOps tooling is a plus.
Exposure to vulnerability databases (e.g., NVD), SBOM formats (CycloneDX, SPDX), or CVE analysis is a strong plus.
Highly structured, detail-oriented, and automation-minded.
Strong written documentation skills and ability to formalize technical decisions.
Curious, self-driven, and comfortable working in a highly cross-functional R&D environment.