Medtronic
Sr Product Security Engineer - Neuro
at
Medtronic
We anticipate the application window for this opening will close on 19 Dec 2025. At Medtronic you can begin a life‑long career of exploration and innovation while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life At Medtronic, we’re driven by our Mission to alleviate pain, restore health, and extend life for millions of people around the world with our innovative Biomedical devices and solutions. Our people are the foundation of our mission, together with Medtronic’s mindset, we pursue continuous innovation to breach new frontiers of Biomedical research.
As the world becomes more connected, complexity and security challenges increase manyfold to protect the devices, the patients and sensitive data. The Sr. Product Security Engineer will act at the frontline of these emerging challenges to proactively find actionable and measurable cyber security solutions while ensuring uninterrupted functionality and patient safety.
The primary responsibilities include overseeing all phases of the cyber security life cycle of medical devices, proactively initiating identification, modeling, and evaluation of cyber security threats, defining security measures to mitigate threats, developing robust implementation strategies and rigorous verification and validation mechanisms, and engaging cross‑functional development teams and preparing reports that meet regulatory and quality requirements.
Key Responsibilities
Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment.
Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle.
Support the design and deployment of secure medical devices by implementing features such as secure boot, secure communications, data protection, secure updates, integration and access controls.
Develop a comprehensive post‑quantum security strategy integrating quantum‑resistant cryptographic algorithms, strong key management and the use of hardware security modules for device protection.
Use advanced methods like LLMs and deep learning to identify cyber security threats and bugs and automate code fixes.
Adopt advanced AI techniques, including large language models and deep learning, to efficiently identify, classify and remediate cybersecurity vulnerabilities.
Ensure implementation and maintenance of security policies for medical devices in accordance with industry standards and regulations, including NIST, IEC 60601‑4‑5, IEC 81001‑5‑1, and conduct regular assessments.
Oversee and support efficient security incident response, ensuring quick resolution, mitigation and stakeholder communication as required.
Maintain awareness of current cybersecurity trends in medical devices and health software and collaborate to refine product security strategies and implement best practices.
Qualifications
Previous experience as a cyber security engineer for embedded software products in a regulated industry.
Experience in cybersecurity, threat modeling, security incident management and contributing to proactive security strategies.
Hands‑on experience in cyber security architecture, cloud security and cryptography.
Experience working in agile software development teams.
Minimum Requirements
Bachelor’s degree in Computer Science or a related field with 4+ years of experience in cyber security, embedded systems security, IoT security, IT security, or a related role.
Advance degree in Computer Science or related field with significant academic work on cyber security and 2+ years of experience in the same areas.
Preferred
Experience with medical devices or regulated industries.
Cyber security expertise with comprehensive skills in proactive and reactive risk management.
Technical Skills
Strong understanding of cyber security concepts and frameworks (e.g., NIST, OWASP, MITRE).
Familiarity with security standards such as ISO 27001, ISO 14971 or HITRUST.
Working knowledge of secure software development life cycle principles and DevSecOps.
Good understanding of advanced cryptography, hardware security module concepts, secure key generation and management.
Soft Skills
Proactive communication skills to identify, present and persuade leadership on cyber security risks.
Strong problem‑solving and analytical skills.
Ability to collaborate effectively in cross‑functional teams.
Certifications (Preferred) CompTIA Security+, CISSP, CISM or similar security certifications; ITIL Certification or other process‑oriented qualifications.
Physical Job Requirements The above statements describe the general nature and level of work performed. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. The role requires independent mobility, computer use and interaction with peers.
Benefits & Compensation Salary ranges for U.S. (excluding Puerto Rico) locations: $125,600.00 – $188,400.00. This position is eligible for a short‑term incentive called the Medtronic Incentive Plan (MIP). The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. Compensation and benefits include health, dental, vision, HSA, HRA, life insurance, long‑term disability, dependent daycare, tuition assistance, 401(k), 401(k) match, short‑term and long‑term disability, paid time off, paid holidays, employee stock purchase plan, and other programs as described. Employees receive additional benefits through a global well‑being program.
It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, disability, race, religion, creed, gender, sexual orientation, gender identity, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. Medtronic may provide reasonable accommodations for qualified individuals with disabilities. If you are applying to perform work in Los Angeles County, you may find a list of job duties that may be influenced by criminal history considerations under the Los Angeles County Fair Chance Ordinance and California Fair Chance Act.
#J-18808-Ljbffr
at
Medtronic
We anticipate the application window for this opening will close on 19 Dec 2025. At Medtronic you can begin a life‑long career of exploration and innovation while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life At Medtronic, we’re driven by our Mission to alleviate pain, restore health, and extend life for millions of people around the world with our innovative Biomedical devices and solutions. Our people are the foundation of our mission, together with Medtronic’s mindset, we pursue continuous innovation to breach new frontiers of Biomedical research.
As the world becomes more connected, complexity and security challenges increase manyfold to protect the devices, the patients and sensitive data. The Sr. Product Security Engineer will act at the frontline of these emerging challenges to proactively find actionable and measurable cyber security solutions while ensuring uninterrupted functionality and patient safety.
The primary responsibilities include overseeing all phases of the cyber security life cycle of medical devices, proactively initiating identification, modeling, and evaluation of cyber security threats, defining security measures to mitigate threats, developing robust implementation strategies and rigorous verification and validation mechanisms, and engaging cross‑functional development teams and preparing reports that meet regulatory and quality requirements.
Key Responsibilities
Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment.
Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle.
Support the design and deployment of secure medical devices by implementing features such as secure boot, secure communications, data protection, secure updates, integration and access controls.
Develop a comprehensive post‑quantum security strategy integrating quantum‑resistant cryptographic algorithms, strong key management and the use of hardware security modules for device protection.
Use advanced methods like LLMs and deep learning to identify cyber security threats and bugs and automate code fixes.
Adopt advanced AI techniques, including large language models and deep learning, to efficiently identify, classify and remediate cybersecurity vulnerabilities.
Ensure implementation and maintenance of security policies for medical devices in accordance with industry standards and regulations, including NIST, IEC 60601‑4‑5, IEC 81001‑5‑1, and conduct regular assessments.
Oversee and support efficient security incident response, ensuring quick resolution, mitigation and stakeholder communication as required.
Maintain awareness of current cybersecurity trends in medical devices and health software and collaborate to refine product security strategies and implement best practices.
Qualifications
Previous experience as a cyber security engineer for embedded software products in a regulated industry.
Experience in cybersecurity, threat modeling, security incident management and contributing to proactive security strategies.
Hands‑on experience in cyber security architecture, cloud security and cryptography.
Experience working in agile software development teams.
Minimum Requirements
Bachelor’s degree in Computer Science or a related field with 4+ years of experience in cyber security, embedded systems security, IoT security, IT security, or a related role.
Advance degree in Computer Science or related field with significant academic work on cyber security and 2+ years of experience in the same areas.
Preferred
Experience with medical devices or regulated industries.
Cyber security expertise with comprehensive skills in proactive and reactive risk management.
Technical Skills
Strong understanding of cyber security concepts and frameworks (e.g., NIST, OWASP, MITRE).
Familiarity with security standards such as ISO 27001, ISO 14971 or HITRUST.
Working knowledge of secure software development life cycle principles and DevSecOps.
Good understanding of advanced cryptography, hardware security module concepts, secure key generation and management.
Soft Skills
Proactive communication skills to identify, present and persuade leadership on cyber security risks.
Strong problem‑solving and analytical skills.
Ability to collaborate effectively in cross‑functional teams.
Certifications (Preferred) CompTIA Security+, CISSP, CISM or similar security certifications; ITIL Certification or other process‑oriented qualifications.
Physical Job Requirements The above statements describe the general nature and level of work performed. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. The role requires independent mobility, computer use and interaction with peers.
Benefits & Compensation Salary ranges for U.S. (excluding Puerto Rico) locations: $125,600.00 – $188,400.00. This position is eligible for a short‑term incentive called the Medtronic Incentive Plan (MIP). The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. Compensation and benefits include health, dental, vision, HSA, HRA, life insurance, long‑term disability, dependent daycare, tuition assistance, 401(k), 401(k) match, short‑term and long‑term disability, paid time off, paid holidays, employee stock purchase plan, and other programs as described. Employees receive additional benefits through a global well‑being program.
It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, disability, race, religion, creed, gender, sexual orientation, gender identity, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. Medtronic may provide reasonable accommodations for qualified individuals with disabilities. If you are applying to perform work in Los Angeles County, you may find a list of job duties that may be influenced by criminal history considerations under the Los Angeles County Fair Chance Ordinance and California Fair Chance Act.
#J-18808-Ljbffr