Medtronic is a healthcare technology company that designs and develops AI-based products and solutions for the medical industry. The Product Security Engineer II will oversee the cyber security life cycle of medical devices, identifying threats and developing security measures to ensure patient safety and product integrity.
Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities.
Designs and develop security features for products including systems, applications and/or solutions.
Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle.
Develops verification plans for security functions, code/design review, penetration testing to ensure robust security measures.
Ensure processes are aligned with industry standards, regulatory requirements, and internal compliance policies.
Collaborate with cross-functional teams, including product development, IT, security, and quality assurance, to ensure seamless security asset deployment and lifecycle management.
Provide hands-on support for security asset provisioning and troubleshooting for medical devices and mobile applications across the product lifecycle.
Continuously evaluate and improve product security risk management processes to enhance efficiency, security, and scalability.
Implement automation tools and workflows to streamline security activities where possible.
Ensure that security asset management procedures adhere to relevant regulatory frameworks such as NIST, ISO 27001, or HITRUST and other applicable standards.
Prepare and maintain audit-ready documentation and evidence related to product security.
Qualification
Required
Bachelor’s degree in Computer Science, or a related field with 2 years of experience in cyber security, embedded systems security, IoT security, IT security, or an Advance Degree in Computer Science, or related field with 0 years of experience
Working knowledge of secure software development lifecycle (SDLC) principles, DevSecOps
Understanding of computer networks, protocols, hardware/software architecture
Hands-on experience in at least one programming language like Python or C/C++, Java, Javascript
Good understanding of cyber security concepts and frameworks (e.g.: NIST, OWASP, MITRE)
Familiarity with security standards such as ISO 27001, ISO 14971 or HITRUST
Strong problem-solving and analytical skills
Ability to collaborate effectively in cross-functional teams
Preferred
CompTIA Security+, CISSP, CISM, or similar security certifications.
ITIL Certification or other process-oriented qualifications.
Experience with medical devices, or regulated industries
Benefits
Health, Dental and vision insurance
Health Savings Account
Healthcare Flexible Spending Account
Life insurance
Long-term disability leave
Dependent daycare spending account
Tuition assistance/reimbursement
Simple Steps (global well-being program)
Incentive plans
401(k) plan plus employer contribution and match
Short-term disability
Paid time off
Paid holidays
Employee Stock Purchase Plan
Employee Assistance Program
Non-qualified Retirement Plan Supplement (subject to IRS earning minimums)
Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums)
Medtronic is a healthcare technology company that designs and develops AI-based products and solutions for the medical industry.
Glassdoor
3.9
Founded in 1949
Minneapolis, Minnesota, USA
10001+ employees
https://www.medtronic.com
Medtronic is a healthcare technology company that designs and develops AI-based products and solutions for the medical industry.
