This job posting isn't available in all website languages
21000OOO Requisition #
Careers that Change Lives:
In this exciting role as Senior Product Security Engineer, you will be responsible for executing various security risk management tasks for surgical devices developed within the Surgical Robotics Operating Unit of Medtronic. Support the development and enhancement of the globally launched Medtronic’s Robotic Assisted Surgery and Digital Surgery systems through commercial launch and production scale-up: https://www.medtronic.com/covidien/en-us/robotic-assisted-surgery.html

Impact patient outcomes.  Come for a job, stay for a career:
The Surgical Robotics Operating Unit strives to enable earlier diagnosis, better treatment, faster complication-free recovery, and enhanced patient outcomes through less invasive surgical solutions.
A Day in the Life
As an individual contributor within the Product Security Engineering team, your primary responsibility will be to work together with key members of Systems, Hardware, Software, Test, Quality, Regulatory Affairs, Data Privacy,  and Customer Technical Support teams to ensure product security, data privacy, patient safety, and product efficacy are never compromised.  
To be successful in this role, you shall be able to demonstrate solid understanding of product design, various stages of product development and software development processes. You will own the development and testing of security requirements, security processes and security artifacts for all products within the portfolio. You will also be required to create and maintain security deliverables that demonstrate compliance with the latest security standards, guidance, and regulations. Additional responsibilities will include collaborating with technical support team to enable product installations.
Engineers create our market-leading portfolio of innovations. Combine the best of your experience with training and mentorship to move your career forward. If you want a challenging, energizing, rewarding career that changes lives, join us. Help us bring the next generation of life-changing medical technology to patients worldwide.
While the Product Security Engineer works very closely with the Software Engineering team, software development will not be a primary responsibility.
 You Will
  • Execute product security related activities throughout the product life cycle as per the established Medical Device Cybersecurity procedures.
  • Ensure product solutions are architected and designed for the highest level of security and data privacy. This includes (but not limited to) the following:
    • Security requirements definition
    • Security architecture and design
    • Security risk management - identifying areas where a project must implement specific security controls, recommending system-wide security enhancements, performing security risk assessment and mitigation plans
    • Develop security-related abuse cases to identify security risks.
    • Oversee security verification and validation and Penetration testing in alignment with Medtronic testing strategies.
  • Coordinate penetration testing for software releases in flight.
  • Conduct vulnerability scans and analyze vulnerability reports with product team to determine appropriate mitigation strategy.
  • Communicate to project stake holders about product vulnerabilities, impact assessments, and other risk assessments
  • Create and maintain product security documents and deliverables
  • Ensure the product design complies with Global Medtronic Product Security Policies
  • Maintain a high level of technical knowledge on security and data-privacy
  • Participate in the development of processes, best practices leading to improve product security
Must Haves: Minimum Requirements
  • Bachelor’s degree and minimum of 2 years of relevant experience, or advanced degree and 0 years of experience.
Nice to Have
  • Software Development experience with a strong understanding of all stages of software product development life cycle
  • Strong working level knowledge of Windows, QNX, Linux Operating Systems
  • Very good working knowledge of Networking fundamentals such as DHCP, IP configuration as well as Network Security concepts including Firewalls, VPNs etc.
  • Expertise in scripting languages such as Python, Unix Shell, JSON etc.
  • Strong expertise in MS-Excel
  • Excellent written communication skills with experience creating data driven reports
  • Broad knowledge and experience with Product Security, Network Security, Information Security, and Data Privacy
  • Good understanding of security practices such as Threat Modeling, Penetration Testing, Continuous Vulnerability Monitoring etc.
  • Familiarity with using vulnerability scan tools.
  • Proven experience with Medical Device Product Security guidance, regulations, and other applicable standards
  • Prior experience in Medical Device or other similar regulated industry experience
  • Experience in Risk Management and Systems Engineering
  • Familiarity of Static Code analysis is a plus
  • Prior security design experience in critical industries such as DOD, DOE, NSA
  • Demonstrated ability to develop and grow productive, trusting and open relationships with a wide variety of people
  • Demonstrated leadership, team-work skills and project management
  • Demonstrated ability to communicate effectively with internal and external stakeholders
  • Demonstrated very strong analytical problem-solving skills
  • Proven record of working without extensive direction
  • Experience with Clinical IT and Clinical IT Security stakeholders
  • Knowledge of standards such as IEC 62304, 82304, ISO16363, ISO27001 etc.
  • Knowledge of regulations such as HIPAA, GDPR, EUMDR etc 
About Medtronic
Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life.  We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be. 
We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let’s work together to address universal healthcare needs and improve patients’ lives. Help us shape the future.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.  The physical demands described within the Day in the Life section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.
This employer participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: http://www.uscis.gov/e-verify/employees

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Boston, Massachusetts, United States

📁 Engineering

Requisition #: 21000SB7

Boston, Massachusetts, United States

📁 Engineering

Requisition #: 21000OX4

Boston, Massachusetts, United States

📁 Engineering

Requisition #: 21000UAC


FORTUNE puts Medtronic among the top 20 companies worldwide having a positive social impact through core business strategy.

Read The Story


Bring your talents to help us build life-changing technology


Three Women Working


We believe that when people from different cultures, genders, and points of view come together, innovation is the result — and everyone wins. Medtronic walks the walk, creating an inclusive culture where you can thrive.