Jobs · Information Technology · Minnesota

Sr. Product Security Engineer - (Embedded/IoT) - Onsite

Medtronic · Minneapolis, MN · 1 wk ago
On-siteInformation Technology$132k–$198k/yrFull-time

Key Responsibilities

  • Product Security Engineering – Embed security requirements into the medical device development lifecycle, partnering with R&D and systems teams from architecture through release.
  • Threat Modeling & Risk Assessment – Perform system-level threat modeling (e.g., STRIDE or similar), attack surface analysis, and vulnerability assessments for connected and embedded medical devices.
  • Secure Architecture – Support and review implementation of device security capabilities, such as: Secure boot and root of trust, secure firmware/software update mechanisms, device identity and authentication, secure communications and protocol hardening, data protection at rest and in transit.
  • Cryptography & Post-Quantum Readiness – Apply modern cryptographic principles and support forward-looking strategies, including quantum-resistant approaches where applicable.
  • Secure SDLC Integration – Partner with agile development teams to embed security into design reviews, code reviews, CI/CD pipelines, and verification activities.
  • Verification & Validation – Define and support security V&V activities, including penetration testing, static/dynamic analysis, fuzz testing, and vulnerability management.
  • Standards & Compliance – Ensure alignment with medical device cybersecurity expectations, including: FDA premarket cybersecurity guidance, IEC 81001-5-1, ISO 14971, NIST frameworks, relevant Medtronic quality processes.

Minimum Requirements

  • Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or related technical field
  • 4+ years of experience OR advanced degree with 2+ years of relevant experience

Preferred

  • Medical device cybersecurity experience
  • Experience with IEC 81001-5-1
  • Experience with FDA cybersecurity submissions
  • Medical device cybersecurity certifications (Security+, CISSP, etc.)
  • Embedded/device security and IoT security experience
  • Product security engineering experience

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Onsite

We’re working onsite 4 days a week at our Minnesota Rice Creek East facility, to drive performance, foster an environment of belonging, and collaborate to inspire as we engineer the extraordinary.

Benefits & Compensation

  • Competitive Salary and flexible Benefits Package
  • Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).
  • Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).

Similar jobs

Sr. Product Security Engineer

Rivian and Volkswagen Group TechnologiesPalo Alto, CA· 1 wk ago
Information Technology$163k–$204k/yrapply on jobs.ashbyhq.com