We anticipate the application window for this opening will close on - 4 Jul 2026

As global connectivity increases, the complexity and security challenges associated with protecting devices, infrastructure, patients, and sensitive data also grow. The Sr. Product Security Engineer is responsible for designing advanced cybersecurity architectures and effective procedural frameworks to support cyber resilience throughout the product life cycle.

The primary responsibilities include overseeing all phases of the cybersecurity lifecycle for medical devices. These include proactive initiatives to identify, model, and evaluate cybersecurity threats, define security measures to mitigate those threats, develop robust implementation strategies, and rigorous verification and validation mechanisms. Proactively engage with cross-functional development teams and prepare reports meeting quality and regulatory requirements.

Key Responsibilities:

In general, the Sr. Product Security Engineer is responsible for, but not limited to, the following tasks:

• Product Security - Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment.
• Risk Assessment - Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle.
• Security Architecture - Support the design and deployment of secure medical devices by implementing features like secure boot, communications, data protection, updates, integration, and access controls.
• Web and Cloud Security - Implement and mature the digital health platform architecture to meet customer expectations and enable development of digital solutions across Neuromodulation and Pain & Hypertension, including PH My Future, Insights Dashboard, Remote Monitoring, Remote Programming, and the DBS BrainSense Portal. Define and execute surveillance strategy across web applications and cloud native platforms.
• Security Standards & Compliance - Implement and maintain security policies for medical devices following industry standards like NIST, ISO27001, and IEC 81001-5-1. Regularly assess compliance and work with development teams to improve security practices.
• Stay updated on cybersecurity trends in medical devices and health software. Work with others to improve security strategies and apply best practices.

Minimum Requirements:

• Bachelor's degree in Computer Science or a related field with 4+ years of experience in cyber security, embedded systems security, IoT security, IT security, or a related role.
• Advanced degree in Computer Science or a related field with significant academic work in cyber security and 3+ years of experience in a related role.

Technical Skills:

• Strong understanding of cybersecurity concepts and frameworks (e.g., NIST, OWASP)
• Familiarity with security standards such as ISO 27001, ISO 14971, or HITRUST
• Working knowledge of secure software development lifecycle (SDLC) principles and DevSecOps
• Strong understanding of advanced cryptography, Hardware Security Module concepts, and secure key generation and management

Soft Skills:

• Proactive communication skills to identify, present, and persuade leadership on cybersecurity risks
• Strong problem-solving and analytical skills
• Ability to collaborate effectively in cross-functional teams

Certifications (Preferred):

CompTIA Security+, CISSP, CISM, or similar security certifications.

For Baccalaureate degrees earned outside of the United States, a degree that satisfies the requirements of 8 C.F.R. a7 214.2(h)(4)(iii)(A) is required.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

U.S. Work Authorization & Sponsorship

At Medtronic, we are committed to fostering an environment where employees can thrive and make a meaningful impact. In alignment with our enterprise-wide workforce planning approach, U.S. work authorization sponsorship (H-1B, TN, J, etc.) is offered exclusively for Principal-level roles and above, where specialized expertise aligns with long-term business needs. Roles below the Principal level require candidates to possess unrestricted U.S. work authorization at the time of hire and for the duration of employment.

Join us in our mission to alleviate pain, restore health, and extend life-where your unique background and perspective are valued.
Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.

Salary ranges for U.S (excl. PR) locations (USD):$132,000.00 - $198,000.00

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).

The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).

The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).

Regular employees are those who are not temporary, such as interns. Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

Further details are available at the link below:

Medtronic benefits and compensation plans