ActiveJobs

Product Security Engineer II

Medtronic · Nanakramguda, Hyderabad, India

Full-timeOn-sitePosted 14 July 2026
Apply on Company Site →

Job description

Careers that change lives start here. Medtronic is a global leader in healthcare technology with a Mission to alleviate pain, restore health, and extend life. Our 95,000 employees work across more than 150 countries to put patients first — developing innovative medical technologies that improve the lives of 72+ million patients each year. Your unique talents will help shape the future of healthcare while building a career grounded in purpose, growth, and impact. A Day in the LifeHiring for Aditi Thakur's position Responsibilities may include the following and other duties may be assigned: Product Security Engineering Perform security risk assessments throughout the product development lifecycle. Conduct threat modeling exercises using methodologies such as: STRIDE, Attack Trees, MITRE ATT&CK, CVSS, Identify product security requirements and ensure implementation of appropriate security controls. Review system, software, cloud, and network architectures from a security perspective. Collaborate with development teams to design secure products and mitigate identified risks. Security Testing & Validation Plan and execute security testing activities, including: Vulnerability assessments Penetration testing Secure code reviews Security regression testing Protocol and network security testing Analyze, prioritize, and track vulnerabilities through remediation and verification. Work with development teams to implement corrective actions and security improvements. Secure Development Lifecycle (SDL) Integrate cybersecurity activities into product development processes. Support security design reviews and security architecture assessments. Define and monitor security KPIs and product security metrics. Conduct security impact assessments for product enhancements and sustaining engineering activities. Compliance & Regulatory Support Support compliance activities related to:FDA Cybersecurity Guidance, AAMI TIR57, AAMI TIR97 IEC 62304, ISO 14971, IEC 81001-5-1, NIST Cybersecurity Framework, NIST 800-53, NIST Secure Software Development Framework (SSDF) Participate in cybersecurity documentation for regulatory submissions and audits. Vulnerability Management Monitor vulnerabilities from: CVE, NVD, CISA Advisories, Third-party software suppliers Perform impact assessments and remediation planning. Support coordinated vulnerability disclosure and post-market cybersecurity activities. Automation & Tool Development Develop scripts and automation tools using Python or similar scripting languages. Automate security analysis, vulnerability scanning, data collection, and reporting activities. Support CI/CD security integration and DevSecOps initiatives. Required Knowledge and Experience Bachelor's or Master's degree in: Computer Science, Cybersecurity, Software Engineering, Electronics Engineering, Information Security, Related Engineering Discipline 5–7 years of experience in Product Security, Application Security, Cybersecurity Engineering, or Medical Device Security. Experience working with regulated medical devices or healthcare products is highly preferred. Experience securing connected products, embedded systems, desktop applications, cloud services, or IoT platforms. Required Technical Skills Security Risk & Threat Modeling Security Testing; Penetration Testing, Vulnerability Assessment, Secure Code Review Network Security Testing, Web and API Security Testing Security Tools: Experience with one or more of the following: Application Security: Burp Suite, OWASP ZAP, Checkmarx, Fortify, Veracode, SonarQube, Nessus, Nmap, Wireshark, Metasploit Container & Cloud Security: rivy, Snyk, Prisma Cloud, Microsoft Defender for Cloud, AWS Security Services SBOM & Dependency Analysis: Dependency-Track, CycloneDX Tools Programming & Automation Python (Required); PowerShell or Bash (Preferred) Physical Job Requirements The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. ‌ Recruitment Fraud Alert We are aware of phishing scams targeting job seekers. Please keep the following in mind: Apply only through official Medtronic channels. All legitimate Medtronic recruiting communications come from approved Medtronic platforms and official @medtronic.com email addresses. Medtronic will never ask for payment or sensitive personal information (such as bank account or Social Security details) during early stages of the hiring process. Any such requests are not legitimate. If you receive a suspicious message claiming to be from Medtronic, do not respond, click links, or open attachments. If you have any questions, concerns regarding the authenticity of a communication alleged to have been made by or on behalf of Medtronic, please contact us immediately at AskHR@medtronic.com. ‌ Benefits & CompensationMedtronic offers a competitive Salary and flexible Benefits Package A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

Verified and listed by ActiveJobs. Applications are made directly on Medtronic's own career page — we never sit in the middle.