IT - Security & Compliance Engineer managing compliance standards and audits at C.H.BECK, a leading media company. Focused on IT security, risk management, and collaboration with various departments.
About the role
- Senior Product Security Engineer at Medtronic focusing on cybersecurity for medical device products. Leading vulnerability assessments and coordinating responses to security incidents.
Responsibilities
- Act as Senior Product Security Engineer, reporting to the Senior Engineering Director.
- Act as a member of the PSIRT (Product Security Incident Response Team).
- Support ongoing assessment of product security related “signals” pertaining to potential vulnerabilities and/or incidents regarding Medtronic connected products.
- Provide both planned and on-demand support for vulnerability assessments for Medtronic businesses in support of regulatory activities.
- Readiness for meeting forthcoming cybersecurity reporting requirements in CY 2026 from US Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) and EU Cyber Resilience Act.
- Support identification, documentation, and assessment of technology, tools, and associated processes in use by the PSO.
- Assist in developing an appropriate architecture framework in alignment with the key strategic pillars of Security by Design and Vulnerability Vigilance.
- Participate in conducting an industry assessment for appropriate tooling/solution selection.
- Implement proposed framework to improve PSO visibility, reporting, metrics, and overall maturity in the PSO strategy.
- Support enterprise quality program for SBOMs (“Software Bill of Materials”) with adherence to industry defined standards such as CycloneDX, SPDX (“Software Package Data Exchange”), VEX (“Vulnerability Exploitability eXchange”).
- Enable creation of high-quality SBOMs and dissemination of best practices for SBOM generation in support of internal teams and external partners.
Requirements
- Requires a Bachelors degree and minimum of 4 years of relevant experience OR Master's degree with a minimum of 2 years relevant experience OR PhD with 0 years relevant experience.
- 5-10 years of program management/development experience with a bachelor’s degree
- Experience in Product Security and Cyber Security
- Excellent written and verbal communication skills including demonstrated influence of stakeholders across an organization
- Occasional after-hours availability to accommodate different regional and global partners.
- Experience working in a regulated environment and/or a formal quality system
- Some technical and troubleshooting skills.
- Strong capability to research and evaluate emerging technologies.
- Preference is given to those with relevant product security or engineering experience.
- Strong in interpersonal communication and demonstrate a collaborative work style.
- Comfortable working in an ambiguous environment.
- Innovative thinker; ability to think outside of the current norms and processes
- Independent self-starter
- Strong communication and collaboration skills
- Solid writing and presentation skills
- Interest in novel applications of technology
- Experience integrating Shift-left security tools and practices
- Familiarity with Git-based workflows and foundational python skills
- Work with outside vendors, and support product teams that work with vendors.
- Strengthen relationships with critical Engineering, Quality, Regulatory Affairs, Global Security office, Global IT, and Leadership stakeholders in Operating Units.
Benefits
- Health, Dental and vision insurance
- Health Savings Account
- Healthcare Flexible Spending Account
- Life insurance
- Long-term disability leave
- Dependent daycare spending account
- Tuition assistance/reimbursement
- Simple Steps (global well-being program)
- Incentive plans
- 401(k) plan plus employer contribution and match
- Short-term disability
- Paid time off
- Paid holidays
- Employee Stock Purchase Plan
- Employee Assistance Program
- Non-qualified Retirement Plan Supplement (subject to IRS earning minimums)
- Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
SAP Senior Security Consultant developing innovative security concepts for SAP environments at Axians, supporting clients with their digital transformation efforts.
Security Engineer at Fonoa enhancing cybersecurity posture, handling incident response, and ensuring compliance. Collaborating with IT, Engineering, and other teams in a hybrid work environment.
Head of Product Security ensuring cybersecurity for Liebherr’s construction machines and digital products. Leading product security strategy, compliance, and team of security experts.
Cybersecurity Engineer at Openchip ensuring the security of IT systems and compliance with standards. Collaborating with DevOps and Infrastructure teams to implement best practices and mitigate risks.
Lead strategic implementation of work safety and health protection initiatives at PostFinance. Develop guidelines and provide training while ensuring compliance with safety standards.
Cybersecurity Engineer defining and governing corporate security architectures at GFT. Collaborating with multidisciplinary teams to ensure robust security protocols and practices.
Information Security Architect specializing in AI risk management at Wolters Kluwer. Enhancing secure adoption of Generative AI across the enterprise while ensuring compliance with industry standards.
Consultor Comercial de Soluções em Cibersegurança para fortalecer vendas na QOS. Traduzir soluções de cibersegurança em benefícios reais, influenciando decisores.
Health and safety coordinator supporting environment, health, and safety for Coca - Cola's Lachine operations. Focus on compliance and training initiatives in a manufacturing setting.