Principal Cyber Security Analyst - (Remote, EMEA Based)

At Medtronic, you can build a lifelong career of exploration and innovation while championing healthcare access and equity for all. You will lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

The Digital Technologies Business Unit (DTBU) is implementing cutting-edge AI technology, computer vision, and augmented reality in the operating room (OR) to augment surgical coaching and performance. Our goal is to deliver safer surgery worldwide. Our Touch SurgeryTM Video solution is an innovative platform for hospitals that includes the DS1 Computer, our first OR device, enabling surgeons, OR team members, and trainees to securely access videos of their procedures shortly after surgery.

As a member of the Customer Success team, the Principal Cyber Security Analyst will facilitate stakeholder assurance efforts related to DTBU products to support sales initiatives. Responsibilities include addressing customer inquiries about the security controls of the Touch Surgery Ecosystem, streamlining security questionnaire processes, and collaborating with internal teams such as sales, R&D, Product Security, and the Global Cyber and Information Security Office to consolidate responses and improve operational efficiency.

• Develop a thorough understanding of the Digital Technologies business, products, and key stakeholders.
• Serve as the primary contact for completing security questionnaires related to DTBU products, ensuring timely and accurate responses per SLAs.
• Collaborate with R&D, Technical Services, Product Security, and GCISO teams to compile questionnaire responses.
• Maintain and enhance the security question-answer database to improve efficiency, utilizing tools like ProcessBolt.
• Engage directly with customers and their security teams to explain and clarify security controls.
• Advise internal leadership on security practices, risks, and improvements based on customer feedback and industry trends. Maintain knowledge of compliance standards such as GDPR, HIPAA, SOC2, ISO 27001.
• Prioritize process improvements and regularly update IT stakeholders and business leaders on program status.
• Respond promptly to security support requests and ensure stakeholders meet SLA commitments.

• Bachelor's degree in information security, Cybersecurity, or related field.
• At least 4 years of relevant experience in a compliance or IT security role, preferably in MedTech or healthcare.
• Solid understanding of IT security and audit principles.
• Knowledge of compliance frameworks (ISO 27001, NIST, GDPR, HIPAA) and regulatory requirements.
• Ability to handle complex security inquiries and communicate technical information effectively.
• Strong project management skills.

• Experience in the MedTech or healthcare industry.
• Certifications such as CISM, CISA, or CISSP are highly desirable.
• Deep understanding of cloud security, data privacy laws, and relevant regulations.
• Ability to collaborate across business units and regions.

These statements describe the general nature of the work but are not exhaustive of all responsibilities and skills required.

Medtronic offers a competitive salary and flexible benefits package, supporting employees at every career and life stage.

We lead global healthcare technology, tackling the most challenging health problems. Our mission is to alleviate pain, restore health, and extend life. With over 95,000 passionate employees, we innovate from R&D to manufacturing to improve lives worldwide.