Medtronic Product Security Office (PSO) is looking for a Principal Product Security Penetration Testing Engineer to execute complex testing to identify vulnerabilities in Medtronic products and assist with the identification of mitigation strategies.
Requirements
- Minimum of 7 years of cybersecurity and/or secure software engineering experience
- OR advanced degree with 5 years of cybersecurity and/or secure software engineering experience.
- Experience in Product Security
- Direct experience in penetration testing
- Penetration Testing Certifications (e.g. CEH, OSCP, OSWA, GPEN, GMOB, Pentest+, etc.).
- Other Information Security Certifications (e.g. Security+, CISSP, CISM, GSEC, etc.).
- Experience assessing and testing the embedded security of regulated or safety critical devices.
Responsibilities
- Scope, conduct, and report results of product security penetration tests to key stakeholders
- Contribute ideas to the team to help design test scenarios and improve penetration testing processes
- Coach junior members on the team and review testing results to ensure accuracy and completeness
- Rate the severity of vulnerabilities that are identified through testing
- Stay up to date on current security knowledge
- Employ a variety of test methods to perform comprehensive vulnerability assessment and penetration testing of products
- Identify and leverage appropriate tools and techniques to accomplish testing
Other
- This role requires on-site work at a Medtronic facility four days per week.
- Candidates must live within a reasonable commute to any Medtronic office, with a preference for those based near the Minneapolis, MN, area.
- Expected Travel: Up to 20%
- Bachelors degree required
- Ability to be creative to think “outside the box”.
