Product Security Engineer II

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world. A Day in the Life At Medtronic, we’re driven by our Mission to alleviate pain, restore health, and extend life for millions of people around the world, with our innovative Biomedical devices and solutions. Our people are the foundation of our mission, together with Medtronic mindset, we pursue continuous innovation to breach new frontiers of Biomedical research. As global connectivity increases, the complexity and security challenges associated with protecting devices, infrastructure, patients, and sensitive data also grow. Product Security Engineer II is responsible for designing security measures to mitigate risks, developing effective procedural frameworks to support cyber resilience throughout the product life cycle. The primary responsibilities may include all phases of the cyber security life cycle of medical devices. These include proactive initiates to identify, model, and evaluate cyber security threats, define security measures to mitigate the threats, develop robust implementation strategies and rigorous verification and validation mechanisms. Proactively engage with cross-functional development teams, prepare reports meeting quality and regulatory requirements. Responsibilities may include the following and other duties may be assigned Product Security – Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment. Risk Assessment – Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle. Security Monitoring and Vulnerability Assessment – Continuously monitor relevant security databases (e.g. NVD), open-source reports, trends on social media related to cyber security, and proactively design and assist in risk mitigation plans. Incident Management – Oversee and support efficient security incident response, ensuring quick resolution, mitigation, and stakeholder communication as required. Automation and AI for Cyber Security: Adopt advanced AI techniques, including large language models and deep learning to efficiently identify, classify, and remediate cybersecurity vulnerabilities in medical device software and systems. The candidate should also demonstrate proficiency in writing Python code to automate security tasks, build custom tooling, and support AI-driven analysis workflows. Security Standards & Compliance – Ensure the implementation and maintenance of security policies for medical devices in accordance with industry standards and regulations, including NIST, IEC 60601-4-5, and IEC 81001-5-1. Conduct regular assessments and collaborate with development teams to enforce compliance and continuously enhance security practices. Follow the Trend - Maintain awareness of current cybersecurity trends in medical devices and health software through ongoing professional development. Collaborate to refine product security strategies and implement industry’s best practices. Experience as cyber security engineer for mobile platforms & embedded software products in a regulated industry Experience in cybersecurity, vulnerability assessments, threat modeling, security incident management, and contributing to proactive security strategies. Hands-on experience in building custom tools and writing automation scripts to monitor security signals from the web, open databases. Required Knowledge and Experience 4 years of experience in cyber security, mobile security, web-application security, embedded systems security, IoT security, or a related role Advance Degree in Computer Science, or related field with significant academic work on cyber security 2 years of experience in cyber security, mobile security, web ... (truncated, view full listing at source)