Experience Inc. Jobs

Job Information

Medtronic Principal Product Security Engineer in Fridley, Minnesota

Principal Product Security Engineer

Location:

Fridley, Minnesota, United States

Requisition #:

21000RYJ

Post Date:

Nov 01, 2021

Careers that Change Lives

Engineers and Scientists create our market-leading portfolio of innovations. Join us to make a lasting impact. Help bring the next generation of life-changing medical technology to patients worldwide.

Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.

Join us to make a lasting impact. Help bring the next generation of life-changing medical technology to patients worldwide.

Be on the frontlines of the emerging area of medical device cybersecurity as an integral member and technical leader within a team responsible for creating, deploying, and monitoring cybersecurity and information security solutions for Medtronics Neuromodulation and Pelvic Health medical devices and supporting IT infrastructure. Interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities within Medtronic products and systems. Work directly with RD teams to ensure all relevant security risks are identified and evaluated, and appropriate and well-balanced solutions are implemented. Develop project security management deliverables for regulatory bodies to comply with standards / guidance documents, and successfully communicate cybersecurity technology to customers, regulatory bodies, and other stakeholders.

A Day in the Life

  • Lead and perform product and device-oriented cybersecurity-related activities ranging from incident response to vulnerability assessments to mitigation implementation.

  • Develop and perform product-level intrusion detection activities.

  • Lead product risk assessments in conjunction with product RD teams and develop and recommend specific security controls for product/system wide security needs.

  • Participate in the creation and testing of product security-related requirements and processes.

  • Manage security-related deliverables for regulatory bodies, ensuring compliance with key standards / guidance documents.

  • Evaluate and test security risks on programs across the entire development lifecycle, including market-released product.

  • Identifies potential attack areas and systemic security issues related to emerging threats and vulnerabilities, including recommendations for design enhancements or remediation.

  • Maintains awareness of emerging vulnerabilities via active monitoring of US-CERT/other sources.

Must Have: Minimum Requirements

  • Bachelors degree in a technically related field required

  • Minimum of 7 years of relevant experience, or advanced degree with a minimum of 5 years relevant experience

Nice to Have

  • Experience as an analyst, engineer, developer, or architect with cybersecurity responsibility and knowledge in one or more of the following areas:

  • Medical devices and systems

  • IoT (embedded) devices and systems

  • Cloud systems architecture and security

  • Mobile device application architecture and security

  • Data protection architectures for data at rest and in transit

  • Risk assessments and cybersecurity regulatory requirements

  • Security incident management experience

  • OS systems-level experience within one or more of the following: Linux, Android, iOS

  • Basic understanding of information security practices, risk management processes, cybersecurity principles, and incident response methodologies

  • Demonstrated teamwork skills

  • Demonstrated strong analytical, problem solving skills

  • Experience in Healthcare industry or other heavily regulated industry.

  • Awareness of national and international laws, regulations, and policies related to regulated medical device cybersecurity

For the right person this position can be remote

About Medtronic

Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.

We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Lets work together to address universal healthcare needs and improve patients lives. Help us shape the future.

Physical Job Requirements

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. (ADA-United States of America)

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.

DirectEmployers