Medtronic

Principal Product Security Engineer

Hyderabad, India Remote Hybrid
R
Description

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the Life

As a Principal Product Security Engineer at Medtronic, you will play a pivotal role in safeguarding our medical devices and healthcare solutions. You will be a key member of the Product Security responsible for ensuring the security and privacy of our products. Your expertise will guide us in delivering safe and secure healthcare solutions that meet the highest standards.

Responsibilities may include the following and other duties may be assigned

  • Lead Security Initiatives: Take the helm in driving security initiatives for our connected enterprise products, embedded systems, and applications.
  • Penetration Testing: Execute penetration testing using manual techniques and security tools such as Burp Suite and Metasploit.
  • Guidelines Compliance: Collaborate with product teams to ensure adherence to harmonized penetration testing guidelines for all products.
  • KPI Reporting: Generate and report Key Performance Indicators (KPIs) related to penetration testing results at enterprise, Operating Unit (OU), and product levels.
  • Lab Collaboration: Work closely with lab support and tools support teams to optimize security practices.
  • Tool Management: Install and configure penetration testing tools when required to enhance security.
  • Reporting and Knowledge Sharing: Proactively create, share, and review reports as part of penetration testing activities. Identify and propose new penetration testing methodologies.
  • Security Testing: Utilize tools like Achilles and other security assessment methodologies to identify vulnerabilities in our products. Conduct penetration testing and vulnerability scanning to assess software, hardware, and network interfaces.
  • Risk Assessment: Collaborate with cross-functional teams to prioritize security testing efforts based on the potential risks associated with vulnerabilities and their impact on our products and customers.
  • Compliance: Ensure that our products adhere to relevant security standards and regulations in our industry. Stay up-to-date with evolving compliance requirements and work towards compliance certifications.
  • Secure Development Lifecycle: Promote a culture of security within the organization by integrating security into the product development lifecycle. Conduct code reviews and work closely with developers to ensure secure coding practices.
  • Secure Configuration: Oversee the configuration of our products, ensuring that default settings are changed, unnecessary services are disabled, and security patches and updates are applied promptly.
  • Access Control: Implement and manage access control mechanisms to restrict unauthorized access to sensitive resources and functions within our products.
  • Data Encryption: Ensure that data is encrypted both in transit and at rest to protect it from unauthorized access or interception.
  • Authentication and Authorization: Implement and maintain strong authentication and authorization mechanisms, including multi-factor authentication (MFA) where necessary.
  • Logging and Monitoring: Establish robust logging and monitoring systems to detect and respond to security incidents in real-time. Implement intrusion detection systems and analyze logs for anomalies.
  • Incident Response: Develop and maintain an incident response plan, including procedures for responding to security breaches or the discovery of vulnerabilities.
  • User Education: Provide training and guidance to users and customers on secure product usage, password management, and the reporting of security issues.
  • Third-party Assessment: Conduct security assessments of third-party components or services used in our products to ensure they meet our security standards.
  • Continuous Improvement: Stay updated on emerging security threats and vulnerabilities. Regularly update and patch our products to address new security challenges.
  • External Audits: Collaborate with external security experts for independent security assessments and audits of our products.

Required Knowledge and Experience

  • Education: BE/ BTech in Computer Science or a related field, or equivalent demonstrated experience and knowledge.
  • Total 10 Years technical experience working with cybersecurity architecture, product security engineering or a related role.
  • Teamwork: Demonstrated skill working as part of a team, collaborating, and supporting peers in a fast-paced environment.
  • Project Management: Project management experience for full security system lifecycles and security tool upgrades, including business case development.
  • Motivation: Self-motivated with the drive to solve challenging problems and motivate others to higher levels of performance and engagement.
  • Continuous Learning: A strong desire and aptitude for continuous learning and staying updated on new and emerging technologies.
  • Proficiency in security testing tools.
  • Strong knowledge of security best practices, standards, and regulations in Medical Devices
  • Hands-on experience with secure coding practices and code reviews.
  • Familiarity with encryption, authentication, access control, and incident response.
  • Excellent communication skills and the ability to collaborate with cross-functional teams.
  • Security certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is a plus.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. 

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.  We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
 

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 90,000+ passionate people. 
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here  
 

Medtronic
Medtronic
Artificial Intelligence (AI) Biotechnology Health Care Health Diagnostics Medical Device Artificial Intelligence (AI) Biotechnology Health Care Health Diagnostics Medical Device

0 applies

0 views

Other Jobs from Medtronic

Senior Product Security Engineer

Hyderabad, India Remote Hybrid

Senior Electrical Engineer

Hyderabad, India Remote Hybrid

Principal Enterprise Software Engineer

Hyderabad, India Remote Hybrid

There are more than 50,000 engineering jobs:

Subscribe to membership and unlock all jobs

Engineering Jobs

60,000+ jobs from 4,500+ well-funded companies

Updated Daily

New jobs are added every day as companies post them

Refined Search

Use filters like skill, location, etc to narrow results

Become a member

🥳🥳🥳 401 happy customers and counting...

Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.

To try it out

For active job seekers

For those who are passive looking

Cancel anytime

Frequently Asked Questions

  • We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
  • We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
  • We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
  • We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
  • Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
  • Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
  • Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅

What Fellow Engineers Say