Product Security Engineer II

USA-CA Northridge

Medtronic

Medtronic ist ein weltweiter Marktführer in Gesundheitstechnologie und den damit verbundenen Dienstleistungen und Lösungen. Wir arbeiten mit unseren Partnern zusammen, um gemeinsam den gewaltigen Herausforderungen des Gesundheitswesens zu...

View all jobs at Medtronic

Apply now Apply later

We anticipate the application window for this opening will close on - 19 Dec 2024


 

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the LifeAt Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

The Medtronic Diabetes organization is looking for a Product Security Engineer II to join our Software Cybersecurity Organization. Be a technical leader within a team responsible for solutions for Medtronic’s medical devices. Lead the work to security monitoring and secure operation of connected medical device systems.

At Medtronic Diabetes, our IoT solutions, Application and Cloud systems connect a planet’s worth of medical device health data to deliver patient and hospital solutions that make a real difference in how people live their lives every day. This key cybersecurity role is for a hands-on engineer who is detail oriented, entrepreneurial and driven to get her/his products and services delivered with high quality and security You will contribute heavily to our goal of delivering this increasingly complex and interconnected system of components that requires industry-leading security thinking.

You will have an opportunity to contribute to advancing security, while working with other Security Engineers, Architects, Program Managers, and Developers throughout the R&D organization to instill the core security mindset and culture. This job also provides an opportunity to collaborate with the broader Medtronic security leadership team, external and internal cybersecurity researchers, Global IT Organization, and stay on top of current developments for the benefit of Medtronic products and services.

** This position is onsite in Northridge, CA (Hybrid)

In this role, you will contribute to maintaining cybersecurity of Medtronic Diabetes’ products through:

  • Risk Management - Facilitate technical teams in threat modeling, security risk evaluations, and vulnerability assessments to identify and mitigate potential security risks throughout the product lifecycle.
  • Building Security Awareness - Collaborate with the product R&D teams helping them to understand the security mindset, guiding them to implement specific security controls for product/system wide security needs.
  • Ensuring Security By Design - Support integration of security into the product development lifecycle, ensuring that security considerations are incorporated from design to deployment. Assist in implementing security measures across of product line – embedded, mobile, or web services. Work closely with cross-functional teams to ensure security is a core part of the product design and development process.
  • Verifying Secure Implementation - Contribute to security testing activities, including vulnerability scanning, penetration testing, and code reviews. Collaborate with cross-functional teams to ensure adherence to security standards and participate in evaluating testing results to identify and address security vulnerabilities. Provide guidance on testing procedures and contribute to continuous improvement of security practices.
  • Maintaining Standards Compliance - Assist in maintaining and implementing security standards, policies, and procedures for medical device systems and product development.
  • Learning Every Day - Perform emerging threat and vulnerability research.  Identify and evaluate new areas for research, perform analysis into emerging threats, including proactive security research on the technologies under consideration for new product capabilities.
  • Assessing our Vendors - Evaluate third-party vendors and suppliers for their security practices and ensure they meet our security requirements.
  • Assisting Incident Response - Support the effective response to security incidents, ensuring swift resolution, proper mitigation, and clear communication to stakeholders and management.

Must Have: Minimum Requirements

  • Bachelor’s degree in Software Engineering, Computer Science, or related technical field and 2+ years of cybersecurity experience
  • Or, Advanced Degree in Software Engineering, Computer Science, or related technical field

Nice to Have

  • Experience with at least one of the following:
    • Embedded Security Experience
    • Mobile Application Security Experience
    • Cloud Security Experience
    • Wireless communication systems knowledge and experience
    • PKI Key management system design
    • Penetration or Red Team testing of IoT devices or Mobile Applications
    • Security Incident Management
  • Prior cybersecurity security design or testing experience in critical industries such as Medical, Aerospace, Automotive, Defense
  • Programming skills in one or more of the following: C, C++, Python, Flutter Experience in medical device technology
  • Experience with Security Frameworks and compliance standards (e.g., ISO 27001, ISO 81001-5-1, NIST, FDA Premarket Guidance)
  • Threat Modeling Experience (STRIDE)

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. 

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

Benefits & Compensation
 

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.  We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
 

Salary ranges for U.S (excl. PR) locations (USD):$96,800.00 - $145,200.00

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).

The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).

 

The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).

 

Regular employees are those who are not temporary, such as interns.  Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

 

Further details are available at the link below:

Medtronic benefits and compensation plans

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 90,000+ passionate people. 
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here.

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.

Apply now Apply later
Job stats:  1  0  0

Tags: Application security C Cloud Compliance Computer Science Incident response IoT ISO 27001 Monitoring NIST Pentesting PKI Product security Python R&D Red team Risk management Vulnerabilities

Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Team events

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.