Sr Product Security Engineer -Neuro

Senior Product Security Engineer – Neuro

Join to apply for the Sr Product Security Engineer – Neuro role at Medtronic
.

We anticipate the application window for this opening will close on 12 Jan 2026.

At Medtronic you can begin a life-long career of exploration and innovation while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

As the world becomes more connected, complexity and security challenges increase many folds to protect the devices, the patients and sensitive data. The Sr. Product Security Engineer will be acting at this frontline of these emerging challenges to proactively find actionable and measurable cyber security solutions while ensuring uninterrupted functionality and patient safety.

• Product Security – Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment.
• Risk Assessment – Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle.
• Security Architecture – Support the design and deployment of secure medical devices by implementing features like secure boot, communications, data protection, updates, integration, and access controls.
• Post-Quantum Strategy and Advanced Cryptography – Develop a comprehensive post-Quantum security strategy integrating quantum-resistant cryptographic algorithms and strong key management with HSM usage.
• Use of advanced methods like LLMs and deep learning to identify cyber security threats, bugs and automate fixing of code.
• Automation and AI for Cyber Security – Adopt advanced AI techniques, including large language models and deep learning, to efficiently identify, classify, and remediate cybersecurity vulnerabilities.
• Security Standards & Compliance – Ensure the implementation and maintenance of security policies for medical devices in accordance with industry standards and regulations, including NIST, IEC 60601-4-5, and IEC 81001-5-1.
• Incident Management – Oversee and support efficient security incident response, ensuring quick resolution, mitigation, and stakeholder communication as required.
• Follow the Trend – Maintain awareness of current cybersecurity trends in medical devices and health software through ongoing professional development, collaborating to refine product security strategies.

• Previous experience as a cybersecurity engineer for embedded software products in a regulated industry.
• Experience in cybersecurity, threat modeling, security incident management, and contributing to proactive security strategies.
• Hands‑on experience in cyber security architecture, cloud security, and cryptography.
• Experience working in agile software development teams.

• Either a Bachelor’s degree in Computer Science or a related field with a minimum of 4+ years of experience in cyber security, embedded systems security, IoT security, IT security, or a related role; OR an advanced degree with significant academic work on cyber security and a minimum of 2+ years of experience in the same areas.

• Experience with medical devices or regulated industries.
• Cyber Security expert with all‑round skills in proactive and reactive cyber security risk management.

• Strong understanding of cyber security concepts and frameworks (e.g., NIST, OWASP, MITRE).
• Familiarity with security standards such as ISO 27001, ISO 14971 or HITRUST.
• Working knowledge of secure software development lifecycle (SDLC) principles and Dev Sec Ops .
• Good understanding of advanced cryptography, hardware security module concepts, secure key generation and management.

• Proactive communication skills to identify, present and persuade leadership on cyber security risks.
• Strong problem‑solving and analytical skills.
• Ability to collaborate effectively in cross‑functional teams.

CompTIA Security+, CISSP, CISM, or similar security certifications.

ITIL Certification or other process‑oriented…