Senior Cybersecurity Specialist

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the LifeThe Analyst will join the External Cyber Risk team within the Global Cyber & Information Security Organization (GCISO), working closely with the Global Data and Privacy Center of Expertise (Privacy COE). Key responsibilities include conducting and managing third-party risk assessments to evaluate a vendor’s ability to manage information risks and protect company data. The candidate will collaborate with both business teams and third-party vendors to provide assessment reports, executive summaries, and actionable recommendations for remediation.
Additionally, the role involves communicating, escalating, and tracking progress on remediation activities, ensuring effective risk mitigation. The analyst will assess information security risks inherent in various vendor engagements and translate these risks into clear business terms. Staying current on information security and data privacy trends and understanding their implications for the organization’s programs will also be crucial for success in this role.

Key Responsibilities

Risk Assessments & Analysis:

• Conduct comprehensive cybersecurity risk assessments for third-party vendors, identifying potential threats and vulnerabilities to organizational assets and data.
• Document and analyze inherent risk scores to determine the baseline risk associated with each vendor relationship.
• Review vendor responses to security and privacy questionnaires, security attestations, and other documentation to identify gaps in vendor cybersecurity postures.
• Prepare detailed risk assessment reports, documenting findings, risk levels, and recommendations for remediation.

Collaboration & Communication:

• Work with cross-functional teams to resolve data security and privacy issues.
• Engage with senior leadership for issue escalation and support in decision-making processes.
• Assist in the development and enhancement of third-party risk management processes, tools, and methodologies to improve efficiency and consistency.

Additional skills

• Strong analytical and problem-solving skills.
• Ability to work independently and collaboratively in fast-spaced environments.
• Knowledge of IT security controls, security risks, and third-party risk assessments.
• Familiarity with frameworks such as NIST and ISO 27001.
• Effective communication and collaboration skills, with the ability to engage with both technical and non-technical stakeholders.

MUST HAVE (Minimum Qualifications)

Senior level: A Baccalaureate degree (or equivalent for degrees earned outside of the United States) and minimum of 7 years of relevant experience

NICE TO HAVE

• CISSP, CISA, CRISC, or CISM Certification(s)

Technical Knowledge

• Familiarity with security scorecard vendors, and GRC tools (LogicGate, ServiceNow).

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. 

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.  We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
 

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people. 
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here