Principal Product Security Engineer at Medtronic

Lafayette, Colorado, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Healthcare, Medical DevicesIndustries

Requirements

Bachelor’s Degree
7+ years of cybersecurity experience with a bachelor's degree or 5+ years with a master’s degree
Willing to work on-site 4 days/week in Lafayette, Colorado
Ability to work in a team-oriented environment
Experience working in an agile environment
Knowledge of cybersecurity standards, including IEC 81001-5-1
Knowledge of FDA pre and post-market cybersecurity guidance
Ability to navigate and align with Regulatory, Quality, and other cross functions
Superb written and oral communication skills
Experience working in medical device space
Experience communicating with external stakeholders, such as auditors and customers
Experience with vulnerability monitoring software, such as Dependency-Track
Experience with threat modeling tools, such as Microsoft Threat Modeling Tool
Experience with penetration testing, SAST, and DAST tools
(Nice to have) A valid cybersecurity certification, such as CISSP, CSSLP, CISM, CySA+, or Security+

Responsibilities

Act as point person for the AC&M organization on product security, taking accountability for the organization’s security posture
Answer questions related to product security during internal and external audits
Maintain the product security Confluence site and organize documentation related to product security
Establish and lead implementation of roadmap of goals for product security team and organization
Organize day-to-day activities of the product security team members and lead standups
Provide mentorship and guidance to junior and senior product security engineers
Support definition of roles and responsibilities for product security
Provide guidance to R&D project teams on security controls and assist with security-focused design and code reviews
Collaborate with the Medtronic Product Security Office and other R&D organizations to ensure alignment
Collaborate with project teams to create, review, and maintain threat models
Assist project teams with creating security architecture diagrams
Assist project teams with performing and documenting security risk assessments
Evaluate project deliverables for compliance with security-related standards and guidance
Assist with creation of MDS2 forms and answering product security questions from customers
Assist project teams with executing and reviewing results from SAST and DAST tools
Capture metrics to measure the organization’s security posture
Respond to product security incidents and work with customers on security-related issues
Provide security training and documentation to the R&D organization as needed
Assist project teams with building and reviewing SBOMs
Assist project teams with analyzing vulnerabilities identified by penetration testing and SBOM analysis

Skills

Product Security

Cybersecurity

Threat Modeling

Security Controls

Design Reviews

Code Reviews

Confluence

Audits

Mentorship

Roadmap

R&D

Medtronic

Develops and manufactures medical devices and therapies

About Medtronic

Medtronic provides medical technology, services, and solutions to improve patient care. The company develops a variety of medical devices, including pacemakers, insulin pumps, surgical tools, and neurostimulation devices, which help diagnose, prevent, and treat chronic diseases. These products are used by hospitals, clinics, and healthcare professionals around the world. Medtronic stands out from competitors by investing significantly in research and development to create new products and offering additional services like training and patient management programs. The goal of Medtronic is to enhance patient outcomes and lower healthcare costs through its comprehensive range of medical solutions.

Fridley, MinnesotaHeadquarters

1949Year Founded

$3.2MTotal Funding

IPOCompany Stage

Biotechnology, HealthcareIndustries

10,001+Employees

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Life Insurance

Disability Insurance

Health Savings Account/Flexible Spending Account

Unlimited Paid Time Off

Paid Vacation

Paid Sick Leave

Paid Holidays

401(k) Retirement Plan

401(k) Company Match

Employee Stock Purchase Plan

Employee Assistance Program

Wellness Program

Risks

Emerging competitors like Fire1 threaten Medtronic's heart failure management market share.

Spine biologics market growth may attract new entrants, increasing competition for Medtronic.

Recent IPOs in medtech indicate rising competition, challenging Medtronic's market position.

Differentiation

Medtronic's diverse product range spans cardiovascular, diabetes, neurological, and surgical technologies.

The company invests heavily in R&D to drive innovation in medical devices.

Medtronic offers comprehensive services, including training and technical support, enhancing product value.

Upsides

Exclusive deal with Kuros enhances Medtronic's orthopedic portfolio and market share.

Growing spine biologics market offers expansion opportunities in spinal fusion and regenerative medicine.

Balloon catheters market growth aligns with Medtronic's recent product launches, boosting cardiovascular presence.

Land your dream remote job 3x faster with AI

Try Jobo Free