Manager Infrastructure & Security driving IT infrastructure and security landscape for semiconductor firm. Collaborating with teams to build scalable systems and innovative security strategies.
About the role
- Senior Product Security Engineer ensuring cybersecurity for Medtronic's medical device solutions. Integrating advanced cybersecurity measures and collaborating across teams for product lifecycle improvements.
Responsibilities
- Stay abreast of emerging cybersecurity threats, technologies, and regulations specific to medical devices and health software.
- Contribute to OU and enterprise-wide product security strategy and roadmap development.
- Drive security integration into all stages of the product lifecycle, from concept and design to postmarket.
- Work closely with system architects, software leads, and hardware engineers to embed secure design patterns in both embedded and cloud-connected environments.
- Lead or contribute to threat modeling sessions, conduct security risk assessments, and identify mitigation strategies in accordance with IEC 81001-5-1, ISO 14971, and FDA premarket cybersecurity guidance.
- Collaborate on the design and implementation of secure architectures, focusing on secure boot, secure communications, data protection, access control, secure software updates, and hardware-software integration.
- Support and interpret results from vulnerability scans, penetration tests, and static/dynamic code analysis.
- Coordinate with internal teams and third-party vendors to ensure timely and appropriate risk mitigation.
- Promote a culture of security awareness within R&D and provide support to more junior engineers.
- Ensure alignment with applicable standards (e.g., NIST, IEC 60601-4-5, IEC 81001-5-1) and support security documentation efforts for global regulatory submissions.
- Review and assess the cybersecurity posture of third-party suppliers and open-source software components used within product designs.
- Support technical investigation and resolution of postmarket security incidents or field issues.
- Maintain comprehensive security documentation, including threat model diagrams, risk assessments, shared service inventories, design patterns, security guidelines, and product security plans/reports.
Requirements
- Bachelor's degree and 4 years of relevant experience, or a Master’s degree with 2 years of relevant experience
- Bachelor’s degree in a relevant engineering field of study (e.g., Computer Engineering, Software Engineering, or related discipline), completed and verified prior to start
- Minimum 4 years of relevant experience, or 2 years with an advanced degree
- Minimum 1 year of experience integrating security into embedded systems or connected medical devices in a regulated product development environment
- Working knowledge of secure development lifecycle (SDLC), secure boot, cryptography, secure firmware update, secure communication, and hardware/software interface security
- Master’s degree in a relevant engineering or cybersecurity field
- Industry-recognized certifications (e.g., CISSP, CSSLP, CISM, CEH)
- Experience supporting or mentoring junior security engineers
- Demonstrated ability to implement secure architecture in embedded and connected device ecosystems
- Familiarity with FDA and MDR cybersecurity submission requirements
- Knowledge of secure coding practices and common vulnerabilities (e.g., OWASP, CWE, CVSS)
- Experience participating in cross-functional design reviews or formal design assurance processes
- Working knowledge of secure boot chains, cryptographic controls, and device authentication protocols
Benefits
- Health, Dental and vision insurance
- Health Savings Account
- Healthcare Flexible Spending Account
- Life insurance
- Long-term disability leave
- Dependent daycare spending account
- Tuition assistance/reimbursement
- Simple Steps (global well-being program)
- Incentive plans
- 401(k) plan plus employer contribution and match
- Short-term disability
- Paid time off
- Paid holidays
- Employee Stock Purchase Plan
- Employee Assistance Program
- Non-qualified Retirement Plan Supplement (subject to IRS earning minimums)
- Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Residential Security Agent managing physical security for clients in California and Nevada, ensuring compliance with safety protocols and quick response to emergencies.
Senior Cyber Security Consultant at HvS - Consulting focusing on ISMS development and team leadership. Engaging clients in ISO 27001 compliance and strategic cybersecurity improvements.
Security Operations Consultant analyzing security alerts and managing security incidents. Supporting operational platforms and contributing to the delivery of cyber defense services.
Lead customer security workstream while aligning it with ICEYE's operational security. Collaborate with teams to ensure compliance and effective security practices.
Senior Information Security Consultant involved in compliance assessments and IT audits for various security standards. Based in Athens, Greece with a focus on Information Security Policies and Risk Assessment.
Project Manager overseeing Enterprise Security Compliance initiatives at MTM. Managing compliance and security activities, ensuring project completion within budget and scope.
Cyber security leader driving advanced analytics and fraud prevention strategies at Sun Life. Establishing operational models and analytics capabilities for proactive risk mitigation and incident response.
Senior Manager of Cloud Network Engineering & Security leading enterprise - wide network evolution. Hands - on technical leadership focusing on cloud networking in AWS and Azure from Dallas headquarters.