Principal Software Engineer at Medtronic

Northridge, California, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Healthcare, Medical Devices, Diabetes TechnologyIndustries

Requirements

Deep technical expertise in application security
Leadership skills in building and supporting enterprise-grade health applications, diagnostics, therapy analytics, and real-time alerting systems
Proficiency with tools such as Fortify, BlackDuck, BurpSuite, and Postman
Ability to review release changes (e.g., ESFs, Jira tickets, Dev discussions)
Knowledge of medical device software standards and compliance (e.g., Threat Models, Cybersecurity Risk Assessments, FedRAMP)
Experience in security assessments, source code and open-source security scans, penetration testing, and security documentation

Responsibilities

Review the scope of changes (ESFs, Jira tickets, Dev discussions) for CareLink releases
Regularly attend cross-scrum technical calls (User Apps and User Services) to understand the scope of changes
Complete security assessments of the changes for CareLink releases
Fill out the detailed ESF write-ups for each change, as needed for security reports
Review the write-ups with Product security team/ISAC and address any comments
Run periodic security scans of source code during each Sprint cycle, and share results with Dev team, including:
Perform security static code analysis (SCA / SAST) using Fortify tool on source code
Execute scans for SOUP analysis of the different CareLink products, using tool such as BlackDuck
Responsible for Security documentation, including:
Reviewing and updating Threat Models and Cybersecurity Risk Assessment (CRA) reports as needed
Update security (CRM) reports for the different CareLink products for each CareLink release
Follow up on mitigations and security fixes for previous security findings, including PenTest findings and SAST, SCA results
Conduct ad-hoc testing to validate pen test findings and mitigations using tools such as BurpSuite, Postman, etc
Ensure timely implementation of security fixes and update
Respond to third-party security questionnaires, ensuring alignment with our security policies and standards
Track and maintain repository in SharePoint of security assessments (completed and in progress questionnaires)
Coordinate with external penetration testing teams to plan and conduct thorough security assessments

Skills

Application Security

Secure Coding

Threat Modeling

Cybersecurity Risk Assessment

FedRAMP Compliance

Fortify

BlackDuck

BurpSuite

Postman

Penetration Testing

Source Code Analysis

Open-Source Security Scans

Medical Device Software Standards

Medtronic

Develops and manufactures medical devices and therapies

About Medtronic

Medtronic provides medical technology, services, and solutions to improve patient care. The company develops a variety of medical devices, including pacemakers, insulin pumps, surgical tools, and neurostimulation devices, which help diagnose, prevent, and treat chronic diseases. These products are used by hospitals, clinics, and healthcare professionals around the world. Medtronic stands out from competitors by investing significantly in research and development to create new products and offering additional services like training and patient management programs. The goal of Medtronic is to enhance patient outcomes and lower healthcare costs through its comprehensive range of medical solutions.

Fridley, MinnesotaHeadquarters

1949Year Founded

$3.2MTotal Funding

IPOCompany Stage

Biotechnology, HealthcareIndustries

10,001+Employees

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Life Insurance

Disability Insurance

Health Savings Account/Flexible Spending Account

Unlimited Paid Time Off

Paid Vacation

Paid Sick Leave

Paid Holidays

401(k) Retirement Plan

401(k) Company Match

Employee Stock Purchase Plan

Employee Assistance Program

Wellness Program

Risks

Emerging competitors like Fire1 threaten Medtronic's heart failure management market share.

Spine biologics market growth may attract new entrants, increasing competition for Medtronic.

Recent IPOs in medtech indicate rising competition, challenging Medtronic's market position.

Differentiation

Medtronic's diverse product range spans cardiovascular, diabetes, neurological, and surgical technologies.

The company invests heavily in R&D to drive innovation in medical devices.

Medtronic offers comprehensive services, including training and technical support, enhancing product value.

Upsides

Exclusive deal with Kuros enhances Medtronic's orthopedic portfolio and market share.

Growing spine biologics market offers expansion opportunities in spinal fusion and regenerative medicine.

Balloon catheters market growth aligns with Medtronic's recent product launches, boosting cardiovascular presence.

Land your dream remote job 3x faster with AI

Try Jobo Free