Senior Product Security Engineer
Medtronic
Senior Product Security Engineer
Job Description
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
We are seeking a highly skilled and experienced Senior Mobile Application Security Engineer to lead the security efforts for our mobile platforms (iOS and Android). You will be responsible for identifying vulnerabilities, implementing security best practices, and working closely with development teams to ensure secure mobile application design and deployment.Senior Product Security Engineer
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
We value what makes you unique. Be a part of a company that thinks differently to solve problems, make progress, and deliver meaningful innovations.
The Cardiac and Vascular Group brings all our cardiac and vascular businesses together into one cross-functional, collaborative operating unit to employ the full breadth of our talent, technologies, products, services, and solutions to address the needs of customers and patients across the globe. Cardiac Rhythm Management offers devices and therapies to treat abnormal heart rhythms, as well as cardiac monitoring solutions. Be on the frontlines of the emerging area of medical device cybersecurity as an integral member and technical leader within a team responsible for creating, deploying, and monitoring cybersecurity and information security solutions for Medtronic’s medical devices and supporting IT infrastructure. Interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities within Medtronic products and systems. Work directly with R&D teams to ensure all relevant security risks are identified and evaluated, and appropriate and well-balanced solutions are implemented. Develop project security management deliverables for regulatory bodies to comply with standards / guidance documents, and successfully communicate cybersecurity technology to customers, regulatory bodies, and other stakeholders.
Responsibilities may include the following and other duties may be assigned
Scope, conduct, and report results of product security penetration tests to key stakeholders.
Contribute ideas to the team to help design test scenarios and improve penetration testing processes.
Coach junior members on the team and review testing results to ensure accuracy and completeness.
Rate the severity of vulnerabilities that are identified through testing
Stay up to date on current security knowledge.
Perform hardware penetration testing and side-channel analysis (e.g., fault injection, power analysis, glitching).
Employ a variety of test methods to perform comprehensive vulnerability assessment and penetration testing of products.
Identify and leverage appropriate tools and techniques to accomplish testing.
Coordinate with product development engineers to ensure understanding of findings.
Document, communicate, and summarize the results of testing to relevant stakeholders, including formal test reports.
Required Experience and Knowledge:
Must Have: Minimum Requirements
An undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar discipline.
Minimum 8 – 10 year experience & 5 years of technical, cybersecurity-related experience.
Nice to Have:
Experience in Product Security testing, direct experience in penetration testing.
Penetration Testing Certifications (e.g. CEH, OSCP, OSWA, GPEN, GMOB, Pentest+, etc.).
Identify and exploit hardware vulnerabilities including debug port access (JTAG/SWD/UART), firmware extraction, and key leakage.
Conduct chip-level and board-level assessments to ensure physical tamper resistance and secure boot implementation.
Analyze PCB layouts, schematics, and hardware interfaces to identify potential attack vectors.
Validate security of cryptographic modules, secure elements, and TPM/TEE implementations.
Conduct end-to-end IoT device assessments, including cloud, mobile app, and network layers.
Evaluate firmware and protocol security (MQTT, CoAP, BLE, Zigbee, Z-Wave, Wi-Fi, LTE, etc.).
Perform static and dynamic analysis of firmware to detect vulnerabilities.
Assess OTA update mechanisms, secure communication (TLS, DTLS, MQTT over SSL), and key management.
Use industry-standard frameworks such as OWASP IoT Top 10 and IEC 62443 for testing and reporting.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Benefits & Compensation
Medtronic offers a competitive salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Benefits & Compensation
Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).
About Medtronic
We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people.
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.
Learn more about our business, mission, and our commitment to diversity here
Locations
- Nanakramguda, Hyderabad, India
Salary
2,000,000 - 4,500,000 INR / yearly
Source: AI Estimation
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- product security penetration testingintermediate
- hardware penetration testingintermediate
- side-channel analysis (fault injection, power analysis, glitching)intermediate
- vulnerability assessmentintermediate
- identifying and exploiting hardware vulnerabilities (JTAG/SWD/UART, firmware extraction, key leakage)intermediate
- chip-level and board-level assessmentsintermediate
- PCB layouts, schematics, and hardware interfaces analysisintermediate
- validating security of cryptographic modules, secure elements, TPM/TEEintermediate
- end-to-end IoT device assessments (cloud, mobile app, network)intermediate
- firmware and protocol security evaluation (MQTT, CoAP, BLE, Zigbee, Z-Wave, Wi-Fi, LTE)intermediate
- static and dynamic firmware analysisintermediate
- OTA update mechanisms assessmentintermediate
- secure communication (TLS, DTLS, MQTT over SSL)intermediate
- key managementintermediate
- using frameworks like OWASP IoT Top 10 and IEC 62443intermediate
- staying up to date on current security knowledgeintermediate
Required Qualifications
- undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar (experience)
- minimum 8–10 years experience (experience)
- minimum 5 years technical cybersecurity-related experience (experience)
- penetration testing certifications (CEH, OSCP, OSWA, GPEN, GMOB, Pentest+) (experience)
- experience in product security testing (experience)
- direct experience in penetration testing (experience)
Responsibilities
- scope, conduct, and report results of product security penetration tests
- contribute ideas to design test scenarios and improve penetration testing processes
- coach junior members and review testing results
- rate severity of vulnerabilities
- perform hardware penetration testing and side-channel analysis
- employ variety of test methods for comprehensive vulnerability assessment
- identify and leverage appropriate tools and techniques
- coordinate with product development engineers
- document, communicate, and summarize testing results including formal reports
- interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities
- work with R&D teams to identify, evaluate security risks and implement solutions
- develop project security management deliverables for regulatory compliance
- communicate cybersecurity technology to customers, regulatory bodies, and stakeholders
Benefits
- general: competitive salary
- general: flexible benefits package
- general: wide range of benefits and resources
- general: competitive compensation plans
- general: Medtronic Incentive Plan (MIP)
- general: support at every career and life stage
Answer 10 quick questions to check your fit for Senior Product Security Engineer @ Medtronic.
Related Books and Jobs
Senior Product Security Engineer
Medtronic
Senior Product Security Engineer
Job Description
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
We are seeking a highly skilled and experienced Senior Mobile Application Security Engineer to lead the security efforts for our mobile platforms (iOS and Android). You will be responsible for identifying vulnerabilities, implementing security best practices, and working closely with development teams to ensure secure mobile application design and deployment.Senior Product Security Engineer
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
We value what makes you unique. Be a part of a company that thinks differently to solve problems, make progress, and deliver meaningful innovations.
The Cardiac and Vascular Group brings all our cardiac and vascular businesses together into one cross-functional, collaborative operating unit to employ the full breadth of our talent, technologies, products, services, and solutions to address the needs of customers and patients across the globe. Cardiac Rhythm Management offers devices and therapies to treat abnormal heart rhythms, as well as cardiac monitoring solutions. Be on the frontlines of the emerging area of medical device cybersecurity as an integral member and technical leader within a team responsible for creating, deploying, and monitoring cybersecurity and information security solutions for Medtronic’s medical devices and supporting IT infrastructure. Interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities within Medtronic products and systems. Work directly with R&D teams to ensure all relevant security risks are identified and evaluated, and appropriate and well-balanced solutions are implemented. Develop project security management deliverables for regulatory bodies to comply with standards / guidance documents, and successfully communicate cybersecurity technology to customers, regulatory bodies, and other stakeholders.
Responsibilities may include the following and other duties may be assigned
Scope, conduct, and report results of product security penetration tests to key stakeholders.
Contribute ideas to the team to help design test scenarios and improve penetration testing processes.
Coach junior members on the team and review testing results to ensure accuracy and completeness.
Rate the severity of vulnerabilities that are identified through testing
Stay up to date on current security knowledge.
Perform hardware penetration testing and side-channel analysis (e.g., fault injection, power analysis, glitching).
Employ a variety of test methods to perform comprehensive vulnerability assessment and penetration testing of products.
Identify and leverage appropriate tools and techniques to accomplish testing.
Coordinate with product development engineers to ensure understanding of findings.
Document, communicate, and summarize the results of testing to relevant stakeholders, including formal test reports.
Required Experience and Knowledge:
Must Have: Minimum Requirements
An undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar discipline.
Minimum 8 – 10 year experience & 5 years of technical, cybersecurity-related experience.
Nice to Have:
Experience in Product Security testing, direct experience in penetration testing.
Penetration Testing Certifications (e.g. CEH, OSCP, OSWA, GPEN, GMOB, Pentest+, etc.).
Identify and exploit hardware vulnerabilities including debug port access (JTAG/SWD/UART), firmware extraction, and key leakage.
Conduct chip-level and board-level assessments to ensure physical tamper resistance and secure boot implementation.
Analyze PCB layouts, schematics, and hardware interfaces to identify potential attack vectors.
Validate security of cryptographic modules, secure elements, and TPM/TEE implementations.
Conduct end-to-end IoT device assessments, including cloud, mobile app, and network layers.
Evaluate firmware and protocol security (MQTT, CoAP, BLE, Zigbee, Z-Wave, Wi-Fi, LTE, etc.).
Perform static and dynamic analysis of firmware to detect vulnerabilities.
Assess OTA update mechanisms, secure communication (TLS, DTLS, MQTT over SSL), and key management.
Use industry-standard frameworks such as OWASP IoT Top 10 and IEC 62443 for testing and reporting.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Benefits & Compensation
Medtronic offers a competitive salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Benefits & Compensation
Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).
About Medtronic
We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people.
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.
Learn more about our business, mission, and our commitment to diversity here
Locations
- Nanakramguda, Hyderabad, India
Salary
2,000,000 - 4,500,000 INR / yearly
Source: AI Estimation
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- product security penetration testingintermediate
- hardware penetration testingintermediate
- side-channel analysis (fault injection, power analysis, glitching)intermediate
- vulnerability assessmentintermediate
- identifying and exploiting hardware vulnerabilities (JTAG/SWD/UART, firmware extraction, key leakage)intermediate
- chip-level and board-level assessmentsintermediate
- PCB layouts, schematics, and hardware interfaces analysisintermediate
- validating security of cryptographic modules, secure elements, TPM/TEEintermediate
- end-to-end IoT device assessments (cloud, mobile app, network)intermediate
- firmware and protocol security evaluation (MQTT, CoAP, BLE, Zigbee, Z-Wave, Wi-Fi, LTE)intermediate
- static and dynamic firmware analysisintermediate
- OTA update mechanisms assessmentintermediate
- secure communication (TLS, DTLS, MQTT over SSL)intermediate
- key managementintermediate
- using frameworks like OWASP IoT Top 10 and IEC 62443intermediate
- staying up to date on current security knowledgeintermediate
Required Qualifications
- undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar (experience)
- minimum 8–10 years experience (experience)
- minimum 5 years technical cybersecurity-related experience (experience)
- penetration testing certifications (CEH, OSCP, OSWA, GPEN, GMOB, Pentest+) (experience)
- experience in product security testing (experience)
- direct experience in penetration testing (experience)
Responsibilities
- scope, conduct, and report results of product security penetration tests
- contribute ideas to design test scenarios and improve penetration testing processes
- coach junior members and review testing results
- rate severity of vulnerabilities
- perform hardware penetration testing and side-channel analysis
- employ variety of test methods for comprehensive vulnerability assessment
- identify and leverage appropriate tools and techniques
- coordinate with product development engineers
- document, communicate, and summarize testing results including formal reports
- interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities
- work with R&D teams to identify, evaluate security risks and implement solutions
- develop project security management deliverables for regulatory compliance
- communicate cybersecurity technology to customers, regulatory bodies, and stakeholders
Benefits
- general: competitive salary
- general: flexible benefits package
- general: wide range of benefits and resources
- general: competitive compensation plans
- general: Medtronic Incentive Plan (MIP)
- general: support at every career and life stage
Answer 10 quick questions to check your fit for Senior Product Security Engineer @ Medtronic.
Related Books and Jobs