Director of Global Site Security at Medtronic leading global security standards and optimizing site - level execution. Collaborating with multiple functions to ensure a comprehensive security ecosystem.
About the role
- Principal Product Security Engineer leading cybersecurity activities for Medtronic’s R&D organization. Ensuring secure product delivery and compliance with cybersecurity standards across their lifecycle.
Responsibilities
- Act as point person for the AC&M organization on product security, taking accountability for the organization’s security posture
- Answer questions related to product security during internal and external audits
- Maintain the product security Confluence site and organize documentation related to product security
- Establish and lead implementation of roadmap of goals for product security team and organization
- Organize day-to-day activities of the product security team members and lead standups
- Provide mentorship and guidance to junior and senior product security engineers
- Support definition of roles and responsibilities for product security
- Provide guidance to R&D project teams on security controls and assist with security-focused design and code reviews
- Collaborate with the Medtronic Product Security Office and other R&D organizations to ensure alignment
- Collaborate with project teams to create, review, and maintain threat models
- Assist project teams with creating security architecture diagrams
- Assist project teams with performing and documenting security risk assessments
- Evaluate project deliverables for compliance with security-related standards and guidance
- Assist with creation of MDS2 forms and answering product security questions from customers
- Assist project teams with executing and reviewing results from SAST and DAST tools
- Capture metrics to measure the organization’s security posture
- Respond to product security incidents and work with customers on security-related issues
- Provide security training and documentation to the R&D organization as needed
- Assist project teams with building and reviewing SBOMs
- Assist project teams with analyzing vulnerabilities identified by penetration testing and SBOM analysis
Requirements
- Bachelor’s Degree
- 7+ years of cybersecurity experience with a bachelor's degree
- 5+ years of cybersecurity experience with a master's degree
- Ability to work in a team-oriented environment
- Experience working in an agile environment
- Knowledge of cybersecurity standards, including IEC 81001-5-1
- Knowledge of FDA pre and post-market cybersecurity guidance
- Ability to navigate and align with Regulatory, Quality, and other cross functions.
- Superb written and oral communication skills
- Experience working in medical device space
- Experience communicating with external stakeholders, such as auditors and customers
- Experience with vulnerability monitoring software, such as Dependency-Track
- Experience with threat modeling tools, such as Microsoft Threat Modeling Tool
- Experience with penetration testing, SAST, and DAST tools
Benefits
- Health, Dental and vision insurance
- Health Savings Account
- Healthcare Flexible Spending Account
- Life insurance
- Long-term disability leave
- Dependent daycare spending account
- Tuition assistance/reimbursement
- Simple Steps (global well-being program)
- Incentive plans
- 401(k) plan plus employer contribution and match
- Short-term disability
- Paid time off
- Paid holidays
- Employee Stock Purchase Plan
- Employee Assistance Program
- Non-qualified Retirement Plan Supplement (subject to IRS earning minimums)
- Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Information Security Analyst responsible for implementing and maintaining data protection practices at Autoglass. Ensure compliance with regulatory standards and security best practices.
Senior Software Engineer driving development of privacy features in security platform. Leading technical direction and mentoring engineers for a rapidly growing company.
IT Systemadministrator managing hybrid IT infrastructure and Microsoft 365 services in a dynamic IT team. Responsibilities include security, administration, and support for IT infrastructure.
Expert in Application Security at Deloitte focused on secure development practices and end - to - end risk management. Leading strategic solutions and technical communication for software security.
Join Deloitte as a Senior in Security Architecture, tackling cybersecurity challenges and advising CISO. Collaborate within a multidisciplinary team, defining security frameworks and conducting audits.
Cyber Security Specialist supporting Clients US Consumer Banking Business with Cyber deliverables. Handling security assessments, governance activities and working on integration control enhancements.
AI Infrastructure Security Engineer assessing and strengthening AI systems across varied infrastructures. Ensuring security controls in deployment architectures, APIs, and cloud environments in a hybrid workplace.
AI Infrastructure Security Engineer assessing AI deployment architectures and conducting security testing. Collaborating with engineering teams to ensure AI products meet enterprise security standards.
Engenheiro de Segurança do Trabalho na Capco, consultoria global no setor de serviços financeiros e energia. Foco em segurança ocupacional, operacional e vigilância sanitária.