Principal Product Security Engineer

ConfidentialHyderabad / Secunderabad, Telangana, India

7 days ago

Job description

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the Life

We value what makes you unique. Be a part of a company that thinks differently to solve problems, make progress, and deliver meaningful innovations.

The Cardiac and Vascular Group brings all our cardiac and vascular businesses together into one cross-functional, collaborative operating unit to employ the full breadth of our talent, technologies, products, services, and solutions to address the needs of customers and patients across the globe. Cardiac Rhythm Management offers devices and therapies to treat abnormal heart rhythms, as well as cardiac monitoring solutions. Be on the frontlines of the emerging area of medical device cybersecurity as an integral member and technical leader within a team responsible for creating, deploying, and monitoring cybersecurity and information security solutions for Medtronic's medical devices and supporting IT infrastructure. Interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities within Medtronic products and systems. Work directly with R&D teams to ensure all relevant security risks are identified and evaluated, and appropriate and well-balanced solutions are implemented. Develop project security management deliverables for regulatory bodies to comply with standards / guidance documents, and successfully communicate cybersecurity technology to customers, regulatory bodies, and other stakeholders.

Responsibilities may include the following and other duties may be assigned

Lead and perform product and device-oriented cybersecurity-related activities ranging from incident response to vulnerability assessments and mitigation implementation.
Develop and perform product-level intrusion detection activities.
Lead product risk assessments in conjunction with product R&D teams and develop and recommend specific security controls for product / system wide security needs.
Participate in the creation and testing of product security-related requirements and processes.
Manage security-related deliverables for regulatory bodies, ensuring compliance with key standards / guidance documents.
Evaluate and test security risks on programs across the entire development lifecycle, including market-released products.
Support emerging cybersecurity certification initiatives.
Maintain and update security documentation.
Create and maintain threat models using STRIDE.

Required Knowledge And Experience

An undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar discipline.

CISSP or similar certification, or sufficient demonstrated experience

Experience in embedded devices vulnerability assessment, especially medical devices and Threat Modelling and risk scoring

Formal education in cybersecurity and information assurance.

Minimum 12-year experience & 4 years of technical, cybersecurity-related experience,

Experience in analyzing security posture and vulnerability assessment

experience in penetration testing, fuzz testing of Web, enterprise cloud and Desktop solutions, (Black box, gray box and Whitebox testing)

Experience in static code analysis for security vulnerability

Software Product Development experience, Programming skills in one or more of the following : C, C++, Python, Java, .NET, Go, Ruby and / or Scala

Understanding of national and international laws, regulations, and policies related to regulated medical device cybersecurity

Demonstrated understanding of information security practices, risk management processes, cybersecurity principles, and incident response methodologies

Experience as an analyst, engineer, developer, or architect with core cybersecurity responsibility and knowledge in two or more areas.

Experience in leading application architecture reviews and threat assessments

Cloud systems architecture and security

Enterprise and local network infrastructure security

Experience in code reviews and / or penetration testing

Large-scale application architecture and security

Mobile device application architecture and security

Risk assessments and cybersecurity regulatory requirements

Experience in static and dynamic code analysis tools and methodologies

Medical devices and systems security experience

Security incident management experience

Log event management and searching experience (Splunk, Sentinel, or similar)

In-depth OS systems-level experience within one or more of the following : Linux, Windows, Android, iOS

Demonstrated understanding of networking (ports / protocols), firewalls, load balancers and IPS

Expertise in Agile and can work with at least one of the common frameworks

Experience in Healthcare industry or other heavily regulated industry.

Understanding of national and international laws, regulations, and policies related to regulated medical device cybersecurity

Experience with container technologies such as Docker, Kubernetes, Mesos, or Open Container Initiative (OCI)

Demonstrated ability to develop and grow productive, trusting, and open relationships with a wide variety of constituencies.

Demonstrated leadership and teamwork skills

Demonstrated ability to communicate complexity in a clear manner

Demonstrated experience interfacing with customers and other external stakeholders regarding cybersecurity system design and behavior

Demonstrated strong analytical, problem-solving skills

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package

A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.

Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people.

We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here

Skills Required

Penetration Testing, static code analysis , Software Product Development, Cybersecurity, fuzz testing , Vulnerability Assessment

Create a job alert for this search

Product Security Engineer • Hyderabad / Secunderabad, Telangana, India

Related jobs

Promoted

Lead Security Engineer

interface.aiHyderabad, IN

Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago

Promoted

Principal Application Security Engineer

QualiZealHyderabad, Republic Of India, IN

Application Security Architect.This role will collaborate with engineering, DevOps, Operations, InfoSec teams to embed security into the software development lifecycle (SDLC), define secure archite...Show moreLast updated: 3 days ago

Promoted

Product Security Lead

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

BS, Master or equivalent degree in Computer Engineering, Software Engineering, Cybersecurity or other related fields.Minimum of 7 years of professional experience within Information Technology, Sof...Show moreLast updated: 3 days ago

Promoted

Global Product Security Architect

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

Promoted

Lead Security Engineer

ArcanaHyderabad, IN

As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago

Promoted

Product Security Engineer - Vulnerability Management

Horizontal TalentHyderabad

Job Summary : We are seeking a skilled and motivated Medical Device Product Security Engineer to join our cross-functional product development team...Show moreLast updated: 30+ days ago

Promoted

Product Security Test Engineer

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

BS, Master or equivalent degree in Computer Engineering, Software Engineering, Cybersecurity or other related fields.Minimum of 6 years of professional experience within Information Technology, Sof...Show moreLast updated: 3 days ago

Promoted

Senior Product Security Engineer

ConfidentialHyderabad / Secunderabad, Telangana, India

Promoted

Product Security Specialist

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

BS, Master or equivalent degree in Computer Engineering, Software Engineering, Cybersecurity or other related fields.Minimum of 5 years of professional experience within Information Technology, Sof...Show moreLast updated: 3 days ago

Promoted

Senior Lead Product Security Engineer

ConfidentialHyderabad / Secunderabad, Telangana

As a Senior Lead Product Security Engineer, you will be responsible for : .Building and executing engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing secur...Show moreLast updated: 30+ days ago

Promoted

Principal Engineer, Software - Security Operations [T500-20382]

TMUS Global Solutionshyderabad, telangana, in

NASDAQ : TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mo...Show moreLast updated: 29 days ago

Promoted

Principal Engineer, Software - Security Operations T500-20382

TMUS Global SolutionsHyderabad, Republic Of India, IN

Promoted

Principal Technical Engineer(Pharmacovigilance - Signal Detection Solutions)

Qinecsa SolutionsHyderabad, IN

We are seeking a Principal Technical Engineer to design and develop pharmacovigilance signal detection solutions based on our flagship Qinecsa Vigilance Workbench signal detection platform.The idea...Show moreLast updated: 24 days ago

Promoted

Product Security Engineer

ConfidentialHyderabad / Secunderabad, Telangana, India

We are seeking an experienced Product Security Engineer to join our team and help build security into every aspect of our product development lifecycle. In this role, you'll work closely with engine...Show moreLast updated: 7 days ago

Promoted

Medtronic - Product Security Engineer II - Vulnerability Assessment

Medtronic (Medtronic)(279)Hyderabad

Description : At Medtronic you can begin a life-long career of exploration and innovation, while helping champion health...Show moreLast updated: 2 days ago

Promoted

Product Security Engineer II

ConfidentialHyderabad / Secunderabad, Telangana, India

Promoted

Sr Product Security Engineer

ConfidentialHyderabad / Secunderabad, Telangana, India

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market ...Show moreLast updated: 7 days ago

Promoted

Principal Security Operations Engineer

TMUS Global SolutionsHyderabad, Republic Of India, IN