Principal Product Security Engineer at Medtronic ensuring compliance with cybersecurity expectations. Leading product security initiatives and guiding R&D teams on secure product lifecycle.
Responsibilities
Act as point person for the AC&M organization on product security, taking accountability for the organization’s security posture
Answer questions related to product security during internal and external audits
Maintain the product security Confluence site and organize documentation related to product security
Establish a roadmap of goals for the product security team and organization, and lead its implementation
Organize day-to-day activities of the product security team members and lead standups
Provide mentorship and guidance to junior and senior product security engineers
Support definition of roles and responsibilities for product security
Provide guidance to R&D project teams on security controls and assist with security-focused design and code reviews
Collaborate with the Medtronic Product Security Office and other R&D organizations to ensure alignment
Collaborate with project teams to create, review, and maintain threat models
Assist project teams with creating security architecture diagrams
Assist project teams with performing and documenting security risk assessments
Evaluate project deliverables for compliance with security-related standards and guidance
Assist with creation of MDS2 forms and answering product security questions from customers
Assist project teams with executing and reviewing results from SAST and DAST tools
Capture metrics to measure the organization’s security posture
Respond to product security incidents and work with customers on security-related issues
Provide security training and documentation to the R&D organization as needed
Assist project teams with building and reviewing SBOMs
Assist project teams with analyzing vulnerabilities identified by penetration testing and SBOM analysis
Requirements
Bachelor’s Degree
7+ years of cybersecurity experience with a bachelor's degree
5+ years of cybersecurity experience with a master's degree
Ability to work in a team-oriented environment
Experience working in an agile environment
Knowledge of cybersecurity standards, including IEC 81001-5-1
Knowledge of FDA pre- and post-market cybersecurity guidance
Ability to navigate and align with Regulatory, Quality, and other cross-functional groups
Superb written and oral communication skills
Experience working in the medical device space
Experience communicating with external stakeholders, such as auditors and customers
Experience with vulnerability monitoring software, such as Dependency-Track
Experience with threat modeling tools, such as Microsoft Threat Modeling Tool
Experience with penetration testing, SAST, and DAST tools
A valid cybersecurity certification, such as CISSP, CSSLP, CISM, CySA+ or Security+
Benefits
Health, dental, and vision insurance
Health Savings Account
Healthcare Flexible Spending Account
Life insurance
Long-term disability leave
Dependent daycare spending account
Tuition assistance/reimbursement
Simple Steps (global well-being program)
Incentive plans
401(k) plan plus employer contribution and match
Short-term disability
Paid time off
Paid holidays
Employee Stock Purchase Plan
Employee Assistance Program
Non-qualified Retirement Plan Supplement (subject to IRS earning minimums)
Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums)