Bring your talents to an industry leader in medical technology and healthcare solutions – we're a market leader and growing every day. You can be proud to part of technologies that are rooted in our long history of mission-driven innovation. You will be empowered to shape your own career. We support your growth with the training, mentorship, and guidance you need to own your future success. Together, we can transform healthcare.Join us for a career in IT that changes lives.Careers that Change LivesA Day in the LifeThe Sr. Product Security Engineer works across the R&D organization to ensure compliance with pre and post-market cybersecurity expectations and help deliver secure, robust products to the marketplace.They are responsible for coordinating cybersecurity activities on projects and ensuring that R&D teams have the cybersecurity-focused tools and knowledge needed to do their jobs effectively.POSITION RESPONSIBILITIES MAY INCLUDE THE FOLLOWING AND OTHER DUTIES MAY BE ASSIGNED:Must be willing to work locally from our office in Boulder, ColoradoCoordinate between the Medtronic Product Security Office and our R&D organization to ensure alignment on security topics and requestsAccountable for scheduling and executing penetration testing for products in pre and post-market, as well as sharing the feedback with product ownersAccountable for vulnerability monitoring of products using SBOMs and communicating vulnerabilities to product ownersAssist product owners and technical leads with triaging vulnerabilitiesProvide guidance to R&D project teams on security controls and assist with security-focused design and code reviewsCollaborate with project teams to create, review, and maintain threat models, security architecture diagrams, and risk assessmentsAssist with creation of MDS2 forms and answering product security questionnaires from customersEvaluate and maintain security tools used by the R&D organization, including SAST and DAST toolsCapture metrics to measure the organization's security postureRespond to product security incidents and work with customers on security-related issuesProvide security training and documentation to the R&D organization as neededMust Have: Minimum RequirementsBachelors degree requiredMinimum of 4 years of relevant experience, or advanced degree with a minimum of 2 years relevant experienceNice to HaveAbility to work in a team-oriented environmentExperience working in an agile environmentKnowledge of cybersecurity standards, including IEC 81001-5-1Knowledge of FDA pre and post-market cybersecurity guidanceAbility to navigate and align with Regulatory, Quality, and other cross functions.Superb written and oral communication skillsExperience working in medical device spaceExperience with vulnerability monitoring software, such as Dependency-TrackExperience with threat modeling tools, such as Microsoft Threat Modeling ToolExperience with penetration testing, SAST, and DAST toolsA valid cybersecurity certification, such as CISSP, CEH, or Security+A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.? We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. Learn more about our benefits here.This position is eligible for a short-term incentive plan.? Learn more about Medtronic Incentive Plan (MIP) on page 6 here.The provided base salary range is used nationally (except in certain CA locations).?The rate offered is compliant with federal/local regulations and may vary by experience,?certification/education, market conditions, location, etc.About MedtronicTogether, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let's work together to address universal healthcare needs and improve patients' lives. Help us shape the future.Physical Job RequirementsThe physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. (ADA-United States of America)
