Careers that change lives start here. Medtronic is a global leader in healthcare technology with a Mission to alleviate pain, restore health, and extend life. Our 95,000 employees work across more than 150 countries to put patients first — developing innovative medical technologies that improve the lives of 72+ million patients each year. Your unique talents will help shape the future of healthcare while building a career grounded in purpose, growth, and impact.
A Day in the Life
We are seeking a highly skilled Cyber Defense Specialist to join our dynamic cyber security team. In this role, you will be responsible for identifying, analyzing, and mitigating cyber threats to protect our organization’s assets and data. You will leverage your expertise in incident response to enhance our security posture and ensure the organization is well-prepared to respond to evolving threats. Key activities include:Incident Response: Active incident response team member responsible for investigating and closing out security incidents.
Reporting: Create and present reports, dashboards, and briefings to stakeholders at various levels within the organization.
Threat Analysis: Monitor and analyze cyber threats and vulnerabilities from various sources, including open-source intelligence, industry reports, and dark web forums.
Responsibilities may include the following and other duties may be assigned:
- Monitor security alerts and identify potential incidents in real time from various sources (SIEM, intrusion detection systems)
- Participate in the full incident Response lifecycle. Perform investigations on complex information security incidents,
- including determining root cause and lessons learned.
- Develop, implement, and review processes, procedures, and playbooks for Security Incident Response and Security
- Incident Triage functions.
- Apply Security Incident Response log analysis and forensic techniques (i.e. forensic timelining) on events and artifacts.
- Participate in the development of custom detection rules, partnering with the Anomaly Detection Program Manager, for
- both common and targeted threats.
- Provide support during post-incident reviews and help identify areas for process improvement.
- Stay current on the latest cybersecurity threats, vulnerabilities, and trends
- Participate in incident response training and tabletop exercises to enhance skills and readiness
- Analyze the collected data to identify trends, patterns, and potential threats specific to the organization. Create a summary report outlining actionable insights and recommended mitigation strategies for the security team and key stakeholders.
- Meet with other incident response team to provide intelligence support for ongoing investigations. Share insights about threat actors, their methodologies, and potential indicators of compromise (IOCs) relevant to the current incidents
- Collaborate with the vulnerability management team to review the latest vulnerability assessments. Discuss findings and recommend prioritization based on threat intelligence and potential impact on the organization.
- Participate in on-call rotation for full coverage of incident response activities
- Work effectively with third part SOC partners
- Respond to potential incidents associated reputational risk associated with malicious domains
- Effectively investigate organizational incidents such as account takeovers, zero-day attacks, phishing campaigns
- Work with security awareness team and threat intelligence teams to provide develop organizational training
- Document processes and playbooks
- Partner with internal and external teams. Ability to negotiate with others to reach understanding or agreement.
- Provide technical solutions to a wide range of difficult problems. Solutions are imaginative, thorough, and practicable,
- and consistent with organization objectives.
- Work on developing or refining threat models for the organization. This involves mapping out potential attack vectors, assessing the organization’s defenses, and recommending improvements based on intelligence findings.
- Contribute to creating training materials for employees on current cyber threats and best practices for maintaining security hygiene. Plan upcoming awareness sessions to educate staff about recognizing phishing attempts and other social engineering tactics.
- Formulate specific hypotheses about potential threats based on previous incidents, emerging trends, or known vulnerabilities.
- Determine which systems, applications, or data sets will be the focus of the hunt, often based on risk assessments or threat intelligence.
- Collect logs from various sources, such as SIEM (Security Information and Event Management) systems, firewalls, and endpoint detection and response (EDR) tools.
- Foster a positive, engaging and challenging team-focused ‘global’ work environment to ensure high productivity, employee engagement, and optimal performance.
- Proactively engage with Medtronic business and Global IT partners to identify and define opportunities where the application of information technology can advance the strategic goals and objectives of Medtronic.
- Act as role model by “living” and demonstrating the Medtronic
Required Knowledge and Experience:
- 7+ years of Information Security Experience with a Bachelor's Degree in Engineering, MCA, or MSc
- Experience in a global enterprise on a defined cyber security team
- Experience participating in incident response events and response
- Experience briefing leadership and speaking to the organization broadly
- Experience identifying key threats and vulnerabilities and reporting them out to the organization
NICE TO HAVE (Preferred Qualifications)
- Familiarity with frameworks like MITRE ATT&CK, Diamond Model, or Cyber Kill Chain, which help in understanding and categorizing threats
- Basic understanding of reverse engineering and static/dynamic analysis of malware to identify behaviors and capabilities.
- Skills in evaluating risks and vulnerabilities to help prioritize threats based on potential impact and likelihood.
- Familiarity with cloud environments (e.g., AWS, Azure, GCP) and the specific threats associated with cloud security.
- Understanding of social engineering tactics to help recognize and counteract human-targeted threats.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
Recruitment Fraud Alert
We are aware of phishing scams targeting job seekers. Please keep the following in mind:
Apply only through official Medtronic channels. All legitimate Medtronic recruiting communications come from approved Medtronic platforms and official @medtronic.com email addresses.
Medtronic will never ask for payment or sensitive personal information (such as bank account or Social Security details) during early stages of the hiring process. Any such requests are not legitimate.
If you receive a suspicious message claiming to be from Medtronic, do not respond, click links, or open attachments.
If you have any questions, concerns regarding the authenticity of a communication alleged to have been made by or on behalf of Medtronic, please contact us immediately at AskHR@medtronic.com.
Benefits & Compensation
Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).