Senior Cyber Information Assurance Analyst.

Social network you want to login/join with:

Client: Medtronic

Location: Madrid, Spain

Job Category: Other

EU work permit required: Yes

Job Views: 1

Posted: 19.04.2025

Expiry Date: 03.06.2025

Careers that Change Lives
As the Senior Cyber Information Assurance Analyst for the Digital Technologies Business Unit (DTBU), your primary role is to facilitate stakeholder assurance efforts related to DTBU products to enable critical sales efforts. You will address customer inquiries about the DS1 Touch Surgery platform's security controls, both in writing as well as in meetings if required.

This role further involves streamlining the security questionnaire process and collaborating with internal teams like R&D, Product Security and other Global Cyber and Information Security Office Functions to consolidate responses and improve operational efficiency.

A Day in the Life

1. Business Understanding: Develop a thorough understanding of the Digital Technologies business, products and key stakeholders.
2. Security Questionnaire Lead: Serve as the primary contact for completing security questionnaires related to Digital Technologies Business Unit (DTBU) products, ensuring timely and accurate responses per internal service level agreements (SLAs).
3. Cross-Team Collaboration: Collaborate with R&D, Technical Services, Product Security, and the Global Cyber and Information Security Office (GCISO) teams to compile questionnaire responses.
4. Database and Tools Management: Continuously update and enhance the security question-answer database to improve efficiency and reduce response times. Utilize tools like ProcessBolt to streamline processes.
5. Customer Interaction: Be prepared to directly engage with customers and their security teams to explain and clarify security controls for DTBU products.
6. Security Insights and Compliance: Be prepared to advise internal leadership on security practices, potential risks, and enhancements based on customer feedback and industry trends. Maintain knowledge of compliance standards (GDPR, HIPAA, SOC2, ISO 27001 etc.) relevant to DTBU.
7. Process Improvement and Reporting: Prioritize initiatives to simplify processes and enhance customer satisfaction. Regularly update IT stakeholders and business leaders, including the GCISO, on program status and developments.
8. Service Accountability: Ensure prompt response to security-related support requests and hold yourself & DTBU stakeholders accountable for delivering on commitments and meeting SLA targets.

Must Haves

1. Bachelor’s degree in information security, Cybersecurity, or a related field
2. 4+ years of relevant experience in a compliance or IT security role, preferably within the MedTech or Healthcare sector.
3. Solid understanding of IT Security and audit principles
4. Ability to understand, question, and interpret internal and external security environments.
5. Working knowledge of compliance frameworks (e.g., ISO 27001, NIST, GDPR, HIPAA), as well as regulatory requirements (HIPAA, GDPR)
6. Demonstrated ability to handle complex security inquiries.
7. Experience communicating technical information to non-technical team members.
8. Excellent project management skills

Nice to Haves

1. Previous Medtech or healthcare experience strongly preferred.
2. Certifications such as CISM, CISA, CISSP highly desirable
3. In-depth understanding of cloud security, data privacy laws, and regulatory requirements.
4. Experience working across business units and geographical boundaries to engage IT, business counterparts, and team members.

We Offer

1. We offer a competitive salary and benefits package to all our employees:
2. Flexible working environment
3. Annual Incentive Plan % depending on company results.
4. Pension scheme and group discount on healthcare insurances
5. Training possibilities via Cornerstone/Harvard Manage Monitor/Skills Lab
6. Employee Assistance Program and Recognize! (our global recognition program)

Our Commitment

Our unwavering commitment to inclusion, diversity, and equity (ID&E) means zero barriers to opportunity within Medtronic and a culture where all employees belong, are respected, and feel valued for who they are and the life experiences they contribute. We know equity starts beyond our workplace, and we must play a role in addressing systemic inequities in our communities if we hope to have long-term sustainable impact. Anchored in our Mission, we continue to drive ID&E forward both to enhance the well-being of Medtronic employees and to accelerate innovation that brings our lifesaving technologies to more people in more places around the world.