BioCT Innovation Commons
Sr. Product Security Engineer
BioCT Innovation Commons, North Haven, Connecticut, us, 06473
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.A Day in the Life
In this role, you will join a world class team of systems, mechanical, electrical, software, and quality engineers within Medtronic’s Surgical Operating Unit (OU). This is one new, powerful operating unit bringing together the people and product portfolio of Surgical Robotics and Surgical Innovations. With the Medtronic Mission as our North Star, we will build on our legacy of proven surgical solutions and advance the promise of robotics and digital solutions for the benefit of the customers and patients we serve.Make your impact by exploring a career with the world’s leading Medical Device company, striving “to alleviate pain, restore health, and extend life.”Key Responsibilities:Product Security Strategy & Continuous Learning
- Participate in ongoing professional development to stay current with emerging cybersecurity trends and threats related to medical devices and health software products. Contribute to the development and refinement of product security strategies within the Operating Unit (OU), ensuring alignment with established industry best practices and regulatory requirements. Collaborate with senior team members to implement security measures and continuously improve product security processes.Product Security
- Support and lead integration of security into the product development lifecycle, ensuring that security considerations are incorporated from design to deployment. Assist in implementing security measures across medical devices, OT, ICS, IoT, and enterprise security processes/standards. Work closely with cross-functional teams to ensure security is a core part of the product design and development process.Risk Assessment
- Conduct threat modeling, security risk evaluations, and vulnerability assessments to identify and mitigate potential security risks throughout the product lifecycle. Work under limited supervision to address security threats and provide recommendations for risk mitigation. Collaborate with cross-functional teams to ensure risks are evaluated and managed in alignment with security best practices and regulatory requirements.Security Architecture
- Contribute to the design and deployment of secure medical device architectures and product designs. Assist in the implementation of key security features such as secure boot, secure communications, data protection, secure updates, secure integration, and access controls. Collaborate with senior engineers to ensure that security architecture aligns with product security requirements and best practices.Security Standards & Testing
- Assist in maintaining and implementing security standards, policies, and procedures for medical device systems and product development. Contribute to security testing activities, including vulnerability scanning, penetration testing, and code reviews. Collaborate with cross-functional teams to ensure adherence to security standards and participate in evaluating testing results to identify and address security vulnerabilities.Security Awareness
- Contribute to promoting security awareness and assist in delivering training across cross-functional product development teams. Help foster a security-conscious culture by sharing best practices and providing support on security-related topics.Compliance
- Ensure compliance with industry standards and regulations related to medical device and health software product security, such as NIST, IEC 60601-4-5, IEC 81001-5-1, and others.Vendor Assessment
- Evaluate third-party vendors and suppliers for their security practices and ensure they meet our security requirements.Incident Management
- Lead and support the effective response to security incidents, ensuring swift resolution, proper mitigation, and clear communication to stakeholders, including customers when needed.Documentation
- Maintain detailed documentation of security best practices, guidance, configurations, design patterns, shared service designs, inventories, incident response plans, security architectures, and reports.Must Have: Minimum RequirementsBachelor’s degree or higher (completed and verified prior to start).Minimum 4 years of relevant experience or advanced degree with a minimum of 2 years of relevant experience.Minimum 2 years of embedded device product security experience in a regulated industry.Nice to HaveBachelor’s degree in related engineering or cybersecurity from an accredited institution.Ability to adapt to the rapidly evolving cybersecurity landscape and contribute to proactive security strategies.Demonstrated ability to identify challenges and propose effective solutions.Experience working with junior engineers and willingness to provide guidance and mentorship.Familiarity with evolving regulations in the medical device sector and staying updated with relevant security standards.Proficiency in secure coding practices and methodologies is highly desirable.Required Knowledge and Experience:
Requires advanced knowledge of job area combining breadth and depth, typically obtained through advanced education combined with experience.Physical Job RequirementsThe above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.Benefits & CompensationMedtronic offers a competitive Salary and flexible Benefits Package. A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.Salary ranges for U.S (excl. PR) locations (USD): $123,200.00 - $184,800.00. This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP). The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location.About MedtronicWe lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 90,000+ passionate people. We are engineers at heart—putting ambitious ideas to work to generate real solutions for real people.It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.
#J-18808-Ljbffr
In this role, you will join a world class team of systems, mechanical, electrical, software, and quality engineers within Medtronic’s Surgical Operating Unit (OU). This is one new, powerful operating unit bringing together the people and product portfolio of Surgical Robotics and Surgical Innovations. With the Medtronic Mission as our North Star, we will build on our legacy of proven surgical solutions and advance the promise of robotics and digital solutions for the benefit of the customers and patients we serve.Make your impact by exploring a career with the world’s leading Medical Device company, striving “to alleviate pain, restore health, and extend life.”Key Responsibilities:Product Security Strategy & Continuous Learning
- Participate in ongoing professional development to stay current with emerging cybersecurity trends and threats related to medical devices and health software products. Contribute to the development and refinement of product security strategies within the Operating Unit (OU), ensuring alignment with established industry best practices and regulatory requirements. Collaborate with senior team members to implement security measures and continuously improve product security processes.Product Security
- Support and lead integration of security into the product development lifecycle, ensuring that security considerations are incorporated from design to deployment. Assist in implementing security measures across medical devices, OT, ICS, IoT, and enterprise security processes/standards. Work closely with cross-functional teams to ensure security is a core part of the product design and development process.Risk Assessment
- Conduct threat modeling, security risk evaluations, and vulnerability assessments to identify and mitigate potential security risks throughout the product lifecycle. Work under limited supervision to address security threats and provide recommendations for risk mitigation. Collaborate with cross-functional teams to ensure risks are evaluated and managed in alignment with security best practices and regulatory requirements.Security Architecture
- Contribute to the design and deployment of secure medical device architectures and product designs. Assist in the implementation of key security features such as secure boot, secure communications, data protection, secure updates, secure integration, and access controls. Collaborate with senior engineers to ensure that security architecture aligns with product security requirements and best practices.Security Standards & Testing
- Assist in maintaining and implementing security standards, policies, and procedures for medical device systems and product development. Contribute to security testing activities, including vulnerability scanning, penetration testing, and code reviews. Collaborate with cross-functional teams to ensure adherence to security standards and participate in evaluating testing results to identify and address security vulnerabilities.Security Awareness
- Contribute to promoting security awareness and assist in delivering training across cross-functional product development teams. Help foster a security-conscious culture by sharing best practices and providing support on security-related topics.Compliance
- Ensure compliance with industry standards and regulations related to medical device and health software product security, such as NIST, IEC 60601-4-5, IEC 81001-5-1, and others.Vendor Assessment
- Evaluate third-party vendors and suppliers for their security practices and ensure they meet our security requirements.Incident Management
- Lead and support the effective response to security incidents, ensuring swift resolution, proper mitigation, and clear communication to stakeholders, including customers when needed.Documentation
- Maintain detailed documentation of security best practices, guidance, configurations, design patterns, shared service designs, inventories, incident response plans, security architectures, and reports.Must Have: Minimum RequirementsBachelor’s degree or higher (completed and verified prior to start).Minimum 4 years of relevant experience or advanced degree with a minimum of 2 years of relevant experience.Minimum 2 years of embedded device product security experience in a regulated industry.Nice to HaveBachelor’s degree in related engineering or cybersecurity from an accredited institution.Ability to adapt to the rapidly evolving cybersecurity landscape and contribute to proactive security strategies.Demonstrated ability to identify challenges and propose effective solutions.Experience working with junior engineers and willingness to provide guidance and mentorship.Familiarity with evolving regulations in the medical device sector and staying updated with relevant security standards.Proficiency in secure coding practices and methodologies is highly desirable.Required Knowledge and Experience:
Requires advanced knowledge of job area combining breadth and depth, typically obtained through advanced education combined with experience.Physical Job RequirementsThe above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.Benefits & CompensationMedtronic offers a competitive Salary and flexible Benefits Package. A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.Salary ranges for U.S (excl. PR) locations (USD): $123,200.00 - $184,800.00. This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP). The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location.About MedtronicWe lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 90,000+ passionate people. We are engineers at heart—putting ambitious ideas to work to generate real solutions for real people.It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.
#J-18808-Ljbffr