Full-Time

Sr. Product Security Engineer

Posted on 11/6/2024

Medtronic

Medtronic

10,001+ employees

Develops and manufactures medical devices and therapies

Biotechnology
Healthcare

Compensation Overview

$123.2k - $184.8kAnnually

+ Short-term incentive (Medtronic Incentive Plan)

Senior

Boston, MA, USA + 2 more

More locations: North Haven, CT, USA | Lafayette, CO, USA

Category
Cybersecurity
IT & Security
Requirements
  • Bachelor’s degree or higher (completed and verified prior to start)
  • Minimum 4 years of relevant experience or advanced degree with a minimum of 2 years of relevant experience.
  • Minimum 2 years of embedded device product security experience in a regulated industry.
Responsibilities
  • Participate in ongoing professional development to stay current with emerging cybersecurity trends and threats related to medical devices and health software products.
  • Contribute to the development and refinement of product security strategies within the Operating Unit (OU), ensuring alignment with established industry best practices and regulatory requirements.
  • Collaborate with senior team members to implement security measures and continuously improve product security processes.
  • Support and lead integration of security into the product development lifecycle, ensuring that security considerations are incorporated from design to deployment.
  • Assist in implementing security measures across medical devices, OT, ICS, IoT, and enterprise security processes/standards.
  • Work closely with cross-functional teams to ensure security is a core part of the product design and development process.
  • Conduct threat modeling, security risk evaluations, and vulnerability assessments to identify and mitigate potential security risks throughout the product lifecycle.
  • Work under limited supervision to address security threats and provide recommendations for risk mitigation.
  • Collaborate with cross-functional teams to ensure risks are evaluated and managed in alignment with security best practices and regulatory requirements.
  • Contribute to the design and deployment of secure medical device architectures and product designs.
  • Assist in the implementation of key security features such as secure boot, secure communications, data protection, secure updates, secure integration, and access controls.
  • Collaborate with senior engineers to ensure that security architecture aligns with product security requirements and best practices.
  • Provide input on security design decisions and work to ensure effective implementation throughout the product lifecycle.
  • Assist in maintaining and implementing security standards, policies, and procedures for medical device systems and product development.
  • Contribute to security testing activities, including vulnerability scanning, penetration testing, and code reviews.
  • Collaborate with cross-functional teams to ensure adherence to security standards and participate in evaluating testing results to identify and address security vulnerabilities.
  • Provide guidance on testing procedures and contribute to continuous improvement of security practices.
  • Contribute to promoting security awareness and assist in delivering training across cross-functional product development teams.
  • Help foster a security-conscious culture by sharing best practices and providing support on security-related topics.
  • Collaborate with engineers to ensure that teams understand the importance of security in product development and work towards embedding security into everyday practices.
  • Ensure compliance with industry standards and regulations related to medical device and health software product security, such as NIST, IEC 60601-4-5, IEC 81001-5-1, and others.
  • Evaluate third-party vendors and suppliers for their security practices and ensure they meet our security requirements.
  • Lead and support the effective response to security incidents, ensuring swift resolution, proper mitigation, and clear communication to stakeholders, including customers when needed.
  • Maintain detailed documentation of security best practices, guidance, configurations, design patterns, shared service designs, inventories, incident response plans, security architectures, and reports.

Medtronic provides medical technology, services, and solutions to improve patient care. The company develops a variety of medical devices, including pacemakers, insulin pumps, surgical tools, and neurostimulation devices, which help diagnose, prevent, and treat chronic diseases. These products are used by hospitals, clinics, and healthcare professionals around the world. Medtronic stands out from competitors by not only focusing on product development but also offering comprehensive services such as training for healthcare providers and patient management programs. The goal of Medtronic is to enhance patient outcomes and lower healthcare costs through its advanced medical solutions.

Company Stage

IPO

Total Funding

$3.2M

Headquarters

Fridley, Minnesota

Founded

1949

Simplify Jobs

Simplify's Take

What believers are saying

  • Growing demand for connected medical devices boosts Medtronic's product and patient management solutions.
  • Personalized medicine trends create opportunities for customized Medtronic devices and therapies.
  • Increasing chronic disease prevalence expands Medtronic's market share in diabetes and cardiovascular solutions.

What critics are saying

  • Emerging competitors like Anteris challenge Medtronic's market share and innovation pace.
  • Spine biologics market growth requires rapid innovation to maintain Medtronic's competitive edge.
  • Talent retention challenges may arise following Ira Bindra's departure to Reliance Industries.

What makes Medtronic unique

  • Medtronic offers a comprehensive suite of products and services for diverse medical conditions.
  • The company invests heavily in R&D to drive innovation in medical technology.
  • Medtronic's global presence in over 150 countries enhances its market reach and influence.

Help us improve and share your feedback! Did you find this helpful?

INACTIVE