Senior Cybersecurity Specialist

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the LifeWe are seeking a highly skilled and experienced Senior Cybersecurity-Specialist to drive special projects and programmatic initiatives aimed at enhancing the organization's cybersecurity posture. The successful candidate will work closely with senior leadership, cross-functional teams, and external stakeholders to deliver strategic solutions, optimize processes, and ensure robust security measures are in place to protect the organization's digital assets.

As a Senior Cybersecurity Specialist, you will play a key role in bridging the gap between technical and business requirements, helping to define and implement initiatives that align with both business objectives and cybersecurity best practices. You will be responsible for assessing the current security landscape, identifying areas for improvement, and managing the delivery of high-impact cybersecurity projects.

Responsibilities may include the following and other duties may be assigned.

• Compliance Management: Lead and manage cybersecurity compliance efforts, ensuring adherence to relevant global standards, including ISO 27001, NIST, GDPR, SOC 2, PCI DSS, Etc.
• Compliance Analysis: Work closely with stakeholders across IT, cybersecurity, and business units to ensure compliance against security controls and policy and standards defined as a part of the governance documentation.  Provide guidance/recommendations to stakeholders on how to correct non-compliance issues.
• Policy Development & Enforcement: Enforce, implement, and enforce cybersecurity policies and procedures to ensure regulatory compliance, industry best practices, and organizational security requirements.
• Risk Management: Conduct compliance assessments and/or valuation audits to identify compliance gaps, vulnerabilities, and opportunities for improvement. Collaborate with internal stakeholders to remediate identified issues and mitigate potential risks. Work cross-functionally with IT, legal, risk management, and business teams to ensure compliance initiatives are embedded within all key business processes and technology implementations.
• Audit & Reporting: Oversee and manage internal and external cybersecurity compliance. Provide regular compliance reports to senior leadership, outlining the organization's compliance status, risks, and mitigation strategies.
• Metrics & Reporting: Define and track key compliance performance indicators (KPIs) for program success. Provide regular updates and reports on cybersecurity project performance, outcomes, and opportunities for continuous improvement.
• Governance, Risk & Compliance (GRC) Expertise: Demonstrated expertise in GRC frameworks and processes, including system selection, system administration, and supporting core GRC functions.  Act as technical system administrator for GRC specific technology.
• Collaboration & Cross-Functional Coordination: Work in tandem with IT, security operations, compliance, legal, and other GCISO and Medtronic departments to ensure seamless compliant execution of projects, adherence to industry standards, and alignment with organizational priorities.
• Continuous Improvement: Stay abreast of emerging cybersecurity threats, regulatory changes, trends, and technologies to proactively incorporate new best practices and solutions into the organization's cybersecurity strategy. Provide guidance on how new regulations or industry standards impact the organization's compliance posture.
• Continuous Improvement: Drive continuous improvement initiatives for compliance processes, leveraging automation and best practices to increase efficiency, reduce costs, and improve security posture.

MUST HAVE (Minimum Qualifications)

SENIOR LEVEL:

• Requires a Baccalaureate degree Information Technology, Cybersecurity, Business Administration, or a related field.  (or for degrees earned outside of the United States, a degree which satisfies the requirements of 8 C.F.R. § 214.2(h)( 4)(iii)(A) and
• Minimum of 5 years of relevant experience, or

NICE TO HAVE (Preferred Qualifications)

• Education: Advanced degree or certifications (e.g., CISSP, CISM, CISA, PMP, ISO27001 Auditor) preferred.

Experience:

• 7+ years of experience in cybersecurity compliance (Governance, Risk & Compliance)
• Proven track record of successfully delivering complex cybersecurity initiatives and special projects.
• Strong understanding of cybersecurity frameworks, risk management, and industry best practices (e.g., NIST, ISO 27001, GDPR, etc.).

Skills & Competencies:

• Strong analytical and problem-solving skills with the ability to assess business needs and translate them into actionable cybersecurity solutions.
• Excellent communication and interpersonal skills, with the ability to interact effectively with both technical and non-technical stakeholders.
• Ability to manage multiple projects or program initiatives concurrently while maintaining high standards of quality and attention to detail.

Technical Knowledge:

• Familiarity with security technologies, incident management systems, and tools.
• Understanding of IT infrastructure, networks, cloud environments, and cybersecurity protocols.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. 

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.  We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
 

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people. 
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here  
 

---