Principal Cyber Security Analyst - (Remote, EMEA Based)

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

The Digital Technologies Business Unit (DTBU) is implementing cutting-edge AI technology, computer vision, and augmented reality in the operating room (OR) to augment surgical coaching, and eventually, performance. Our goal is to deliver safer surgery around the world. Our Touch SurgeryTM Video solution is an innovative video management and data analytics platform for hospitals that includes the DS1 Computer, our first OR device, allowing surgeons, OR team members, and trainees to securely access videos of their procedures shortly after surgery.

As a member of the Customer Success team, the Principal Cyber Security Analyst is responsible to facilitate stakeholder assurance efforts related to DTBU products to enable critical sales efforts. You will address customer inquiries about the Touch Surgery Ecosystem’s security controls, both in writing as well as in meetings if required. This role further involves streamlining the security questionnaire process and collaborating with internal teams like sales, extended Customer Success team, R&D, Product Security and other Global Cyber and Information Security Office Functions to consolidate responses and improve operational efficiency.

Responsibilities may include the following and other duties may be assigned:

• Business Understanding: Develop a thorough understanding of the Digital Technologies business, products and key stakeholders.
• Security Questionnaire Lead: Serve as the primary contact for completing security questionnaires related to Digital Technologies Business Unit (DTBU) products, ensuring timely and accurate responses per internal service level agreements (SLAs).
• Cross-Team Collaboration: Collaborate with R&D, Technical Services, Product Security, and the Global Cyber and Information Security Office (GCISO) teams to compile questionnaire responses.
• Database and Tools Management: Continuously update and enhance the security question-answer database to improve efficiency and reduce response times. Utilize tools like ProcessBolt to streamline processes.
• Customer Interaction: Be prepared to directly engage with customers and their security teams to explain and clarify security controls for DTBU products.
• Security Insights and Compliance: Be prepared to advise internal leadership on security practices, potential risks, and enhancements based on customer feedback and industry trends. Maintain knowledge of compliance standards (GDPR, HIPAA, SOC2, ISO 27001 etc.) relevant to DTBU.
• Process Improvement and Reporting: Prioritize initiatives to simplify processes and enhance customer satisfaction. Regularly update IT stakeholders and business leaders, including the GCISO, on program status and developments.
• Service Accountability: Ensure prompt response to security-related support requests and hold yourself & DTBU stakeholders accountable for delivering on commitments and meeting SLA targets.

Required Knowledge and Experience:

• Bachelor’s degree in information security, Cybersecurity, or a related field.
• 4+ years of relevant experience a compliance or IT security role, preferably within the MedTech or Healthcare sector.
• Solid understanding of IT Security and audit principles.
• Ability to understand, question, and interpret internal and external security environments.
• Working knowledge of compliance frameworks (e.g., ISO 27001, NIST, GDPR, HIPAA), as well as regulatory requirements (HIPAA, GDPR).
• Demonstrated ability to handle complex security inquiries.
• Commercial mindset.
• Experience communicating technical information to non-technical team members.
• Excellent project management skills.

Preferred skills include prior experience in the MedTech or healthcare industry, which is strongly valued. Certifications such as CISM, CISA, or CISSP are highly desirable, reflecting a strong foundation in information security. A deep understanding of cloud security, data privacy laws, and relevant regulatory requirements is essential. Additionally, the ability to collaborate effectively across business units and geographical regions, engaging with IT teams, business stakeholders, and cross-functional team members, is a key asset.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people.
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here