Distinguished Engineer - Security Architect

Distinguished Engineer - Security ArchitectLocation:Mounds View, Minnesota, United StatesRequisition #:21000QK3Post Date:14 hours agoCareers that Change LivesThe Security Architect is accountable for leading all security-related direction and delivery by technically enabling teams to deliver secure functionality to users.A Day in the LifeInception:Sets the architectural vision, design, and technology choices for the security solutions in the Patient Management ecosystem.

Brings a clear security influence to the culture, patterns, practices, and tooling of software delivery with Agile and DevOps foundations.

Provides well informed recommendations with multiple options using POCs and other means of establishing validated learning in critical aspects of the architecture and design.

Identifies and documents technical risks and strategies for mitigation.

Gains support and approval for architecture and design, this often involves collaboration with corporate security entities.

Delivers and maintains architecture documents and presentations needed for review and team guidance

Accountable for technical viability of quality solutions that work with the given cost, scope, and schedule while maximizing progress toward the vision and balancing technical debt.

Establish patterns, practices and standards that enable teams to work more independently while maintaining security integrity of the system.

Collaborates with Product Owners, HFUX, Systems Engineers, fellow Architects, and technical leaders, to define solutions to market requirements.

Works with other teams in the formulation and review of their work, providing critical thinking and additional options that improve the work of the wider team.

Working with Product Leaders to define vision by providing a voice of technical possibility, feasibility, and sequencing options.

Working with Regulatory on the technical impact of emerging and existing legislation with security implications (e.g., DiGA, GDPR, CCPA)

Delivery:Engages with the persistent teams through Agile/Scrum ceremonies including PI and Scrum planning, stand ups, sprint reviews, and retrospectives as appropriate.

Engages with the larger security architecture team to ensure alignment across the Patient Management ecosystem of hardware and software.

Works with the Product Owner to define aspects of user story acceptance criteria and the prioritization of the Architecture Runway.

Balances security with cost and capability assessments to support experiences designed.

Works with the persistent teams to adapt the design based on early sprints and other learnings.

Guides the teams in leveraging established standards, patterns, and practices for delivery.

Accountable for secure delivery of features into production such as: threat modeling, static and dynamic analysis of source code, 3rd party component vulnerability remediation strategy.

Responsibilities may also include the following.Designs, develops, documents, tests, maintains, and debugs applications software and systems that contain logical and mathematical solutions.

Conducts multidisciplinary research and collaborates with equipment designers and/or hardware engineers in the planning, design, development, and utilization of electronic data processing systems for product and commercial software.

Determines computer user needs; analyzes system capabilities to resolve problems on program intent, output requirements, input data acquisition, programming techniques and controls; prepares operating instructions; designs and develops compilers and assemblers, utility programs, and operating systems.

Ensures software standards are met.

Must Have: Minimum RequirementsBachelors degree required

Minimum of 15 years of relevant experience, or advanced degree with a minimum of 13 years of relevant experience

Nice to HaveExperience delivering into production technically and organizationally complex features in a secure manner

Software delivery through SecDevOps with technical depth in security tooling governance and auditing.

Adept at incident response and vulnerability management.

Comfortable guiding the organization through compliance requirements (ISO 27001, HIPAA, France HDH, GDPR).

Guiding participant in the evolution of the security of the IoT edge point.

Medium level of skill in the craft of distributed application development.

Experience with the cloud focused controls (Guard duty, Macie, Dome 9, AWS network level security controls, AWS certificate manager KMS and IAM policies).

Comfort with virtual machine and compute orchestration controls.

Operating Behaviors:Leveraging feedback loops for data driven conversations that lead to continual improvement

Is available to the team to help solve specific problems

Is a security technical advocate for the teams

Builds a network of experts as technical resources to leverage inside and outside Medtronic

Drives change in technology, architecture, tooling, and process

Is continually learning and supporting learning across the organization

Skilled in negotiation and conflict resolution across business units and the corporate security office.

About MedtronicTogether, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Lets work together to address universal healthcare needs and improve patients lives. Help us shape the future.Physical Job RequirementsThe physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. (ADA-United States of America)It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.