At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
We are seeking a highly skilled and experiencedSenior Mobile Application Security Engineerto lead the security efforts for our mobile platforms (iOS and Android). You will be responsible for identifying vulnerabilities, implementing security best practices, and working closely with development teams to ensure secure mobile application design and deployment.
Senior Product Security Engineer
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
We value what makes you unique. Be a part of a company that thinks differently to solve problems, make progress, and deliver meaningful innovations.
The Cardiac and Vascular Group brings all our cardiac and vascular businesses together into one cross-functional, collaborative operating unit to employ the full breadth of our talent, technologies, products, services, and solutions to address the needs of customers and patients across the globe. Cardiac Rhythm Management offers devices and therapies to treat abnormal heart rhythms, as well as cardiac monitoring solutions. Be on the frontlines of the emerging area of medical device cybersecurity as an integral member and technical leader within a team responsible for creating, deploying, and monitoring cybersecurity and information security solutions for Medtronic's medical devices and supporting IT infrastructure. Interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities within Medtronic products and systems. Work directly with R&D teams to ensure all relevant security risks are identified and evaluated, and appropriate and well-balanced solutions are implemented. Develop project security management deliverables for regulatory bodies to comply with standards / guidance documents, and successfully communicate cybersecurity technology to customers, regulatory bodies, and other stakeholders.
Responsibilities may include the following and other duties may be assigned
- Scope, conduct, and report results of product security penetration tests to key stakeholders.
- Contribute ideas to the team to help design test scenarios and improve penetration testing processes.
- Coach junior members on the team and review testing results to ensure accuracy and completeness.
- Rate the severity of vulnerabilities that are identified through testing
- Stay up to date on current security knowledge.
- Perform hardware penetration testing and side-channel analysis (e.g., fault injection, power analysis, glitching).
- Employ a variety of test methods to perform comprehensive vulnerability assessment and penetration testing of products.
- Identify and leverage appropriate tools and techniques to accomplish testing.
- Coordinate with product development engineers to ensure understanding of findings.
- Document, communicate, and summarize the results of testing to relevant stakeholders, including formal test reports.
Required Experience and Knowledge:
Must Have: Minimum Requirements
- An undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar discipline.
- Minimum 8 10 year experience & 5 years of technical, cybersecurity-related experience.
Nice to Have:
- Experience in Product Security testing, direct experience in penetration testing.
- Penetration Testing Certifications (e.g. CEH, OSCP, OSWA, GPEN, GMOB, Pentest+, etc.).
- Identify and exploit hardware vulnerabilities including debug port access (JTAG/SWD/UART), firmware extraction, and key leakage.
- Conduct chip-level and board-level assessments to ensure physical tamper resistance and secure boot implementation.
- Analyze PCB layouts, schematics, and hardware interfaces to identify potential attack vectors.
- Validate security of cryptographic modules, secure elements, and TPM/TEE implementations.
- Conduct end-to-end IoT device assessments, including cloud, mobile app, and network layers.
- Evaluate firmware and protocol security (MQTT, CoAP, BLE, Zigbee, Z-Wave, Wi-Fi, LTE, etc.).
- Perform static and dynamic analysis of firmware to detect vulnerabilities.
- Assess OTA update mechanisms, secure communication (TLS, DTLS, MQTT over SSL), and key management.
- Use industry-standard frameworks such as OWASP IoT Top 10 and IEC 62443 for testing and reporting.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Benefits & Compensation
Medtronic offers a competitive salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Medtronic Offers a Competitive Salary And Flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).
About Medtronic
We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people.
We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.
Learn more about our business, mission, and our commitment to diversity here
