Medtronic is looking to solve the problem of ensuring compliance with regulatory requirements for medical device software and product cybersecurity, and identifying gaps in medical device software to improve patient safety and business outcomes.
Requirements
- Experience with regulated medical device software requirements: IEC 62304:2006 + AMD1:2015, IEC 82304-1:2016, United States FDA Device Software Functions related Guidance’s
- Experience with regulated product cybersecurity requirements: IEC 81001-5-1:2021, SW96:2023, United States FDA Pre-Market and Post-Market Product Cybersecurity Guidance’s
- Security Certifications (i.e., CISSP, CEH, CISA, CISM, Security+, GSEC, OSCP, etc.)
- Firsthand experience assessing medical device software and product cybersecurity of regulated or safety critical devices.
- Experience auditing Quality Systems to global requirements
- Quality System Lead Auditor certified
- Prior FDA or NB auditor experience
- Experience performing hardware and software penetration testing
Responsibilities
- Must have experience, subject matter expertise (SME), and technical knowledge working with regulated medical device software and product cybersecurity requirements.
- Remain informed on Regulatory requirements for Software and Product Cybersecurity to identify gaps in medical device software.
- Manage and oversee internal audit activities, which may include conducting and/or overseeing audits, investigations, and/or interviews; and preparing corresponding reports and documents.
- Coordinate and/or complete internal assessments and/or audits in accordance with regulatory standards, which may include US and/or international regulatory agencies/authorities.
- Interpret and implement applicable regulations as they apply to products, processes, practices, and procedures.
- Analyze audit data and present findings to management and/or regulatory bodies in support of Corrective Action Plans, which may include coaching business partners on compliance gaps, data, and/or resulting corrective actions.
- Own development of training and awareness programs for Software as a Medical Device (SaMD), Software in a Medical Device (SiMD), and product cybersecurity designed to increase auditor awareness and knowledge of requirements.
Other
- Bachelor's degree with 7+ years of work experience in Quality or regulated industry OR Advanced degree with 5+ years of work experience in Quality or regulated industry OR PhD with 3+ years of work experience in Quality or regulated industry
- Expected travel: 20-25%
- Strong interpersonal communication and ability to demonstrate a collaborative work style.
- Comfortable working in an ambiguous environment.
- Innovative thinker: ability to think outside of the current norms and processes
- Independent self-starter
