At Medtronic you can begin a life-long career of exploration and innovation while helping champion healthcare access and equity for all. Youll lead with purpose breaking down barriers to innovation in a more connected compassionate world.

A Day in the Life

Key Responsibilities:

In general the Senior Product Security Engineer is responsible for but not limited to the following tasks:

• Product Security Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment.

• Risk Assessment Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle.

• Security Architecture - Support the design and deployment of secure medical devices by implementing features like secure boot communications data protection updates integration and access controls.

• Post-Quantum Strategy and Advanced Cryptography: Develop a comprehensive post-Quantum security strategy integrating quantum-resistant cryptographic algorithmssuch as lattice-based hash-based and multivariate polynomial schemesalong with strong key management and the use of Hardware Security Modules (HSMs) for medical device protection.

• Use of advanced methods like LLMs Deep learning to identify cyber security threats bugs and automate fixing of code

• Automation and AI for Cyber Security: Adopt advanced AI techniques including large language models and deep learning to efficiently identify classify and remediate cybersecurity vulnerabilities in medical device software and systems

• Security Standards & Compliance Ensure the implementation and maintenance of security policies for medical devices in accordance with industry standards and regulations including NIST IECand IEC. Conduct regular assessments and collaborate with development teams to enforce compliance and continuously enhance security practices.

• Incident Management Oversee and support efficient security incident response ensuring quick resolution mitigation and stakeholder communication as required.

• Follow the Trend - Maintain awareness of current cybersecurity trends in medical devices and health software through ongoing professional development. Collaborate to refine product security strategies and implement industry best practices.

• The successful candidate will have:

• Previous experience as cyber security engineer for embedded software products in a regulated industry

• Experience in cybersecurity threat modeling security incident management and contributing to proactive security strategies.

• Hands-on experience in cyber security architecture cloud security cryptography

• Experience working in agile software development teams

Minimum Requirements:

• Bachelors degree in Computer Science or a related fieldwith a minimum of 4 years of experience in cyber security embedded systems security IoT security IT security or a related role OR and Advance Degree in Computer Science or related field with significant academic work on cyber security with a minimum of 2 years of experience in cyber security embedded systems security IoT security IT security or a related role

Preferred :

• Experience with medical devices or regulated industries

• Cyber Security expert with all-round skills in proactive and reactive cyber security risk management.

Technical Skills:

• Strong understanding of cyber security concepts and frameworks (e.g.: NIST OWASP MITRE)

• Familiarity with security standards such as ISO 27001 ISO 14971 or HITRUST

• Working knowledge of secure software development lifecycle (SDLC) principles DevSecOps

• Good understanding of Advanced Cryptography Hardware Security Module concepts Secure key generation and management

Soft Skills:

• Proactive communication skills to identify present and persuade leadership on cyber security risks

• Strong problem-solving and analytical skills

• Ability to collaborate effectively in cross-functional teams

Certifications (Preferred):

CompTIA Security CISSP CISM or similar security certifications.

ITIL Certification or other process-oriented qualifications.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position but they are not an exhaustive list of all the required responsibilities and skills of this position.

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job the employee is regularly required to be independently mobile. The employee is also required to interact with a computer and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits resources and competitive compensation plans designed to support you at every career and life stage.

The following benefits and additional compensation are available to those regular employees who work 20 hours per week: Health Dental and vision insuranceHealth Savings AccountHealthcare Flexible Spending AccountLife insurance Long-term disability leaveDependent daycare spending accountTuition assistance/reimbursement andSimple Steps (global well-being program).

The following benefits and additional compensation are available to all regular employees:Incentive plans 401(k) plan plus employer contribution and matchShort-term disabilityPaid time offPaid holidaysEmployee Stock Purchase PlanEmployee Assistance ProgramNon-qualified Retirement Plan Supplement (subject to IRS earning minimums) andCapital Accumulation Plan (available to Vice Presidents and above or subject to IRS earning minimums).

Regular employees are those who are not temporary such as interns. Temporary employees are eligible for paid sick time as required under applicable state law and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

Further details are available at the link below:

Medtronic benefits and compensation plans

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission to alleviate pain restore health and extend life unites a global team of 95000 passionate people.
We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the R&D lab to the factory floor to the conference room every one of us experiments creates builds improves and solves. We have the talent diverse perspectives and guts to engineer the extraordinary.

Learn more about our business mission and our commitment to diversity here.

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age color national origin citizenship status physical or mental disability race religion creed gender sex sexual orientation gender identity and/or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local addition Medtronic will provide reasonable accommodations for qualified individuals with disabilities.