We anticipate the application window for this opening will close on - 10 Sep 2025

 

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the Life

The Principal Software Systems Engineer plays a key leadership role in delivering secure, scalable, and innovative applications that empower patients and healthcare providers to connect and deliver care anytime, anywhere. This position combines deep technical expertise in application security with leadership in building and supporting enterprise-grade health applications, diagnostics, therapy analytics, and real-time alerting systems.

You will lead the creation, assessment, and delivery of secure CareLink applications, ensuring compliance with rigorous medical device software standards while operating at the “speed of consumers.” Core responsibilities include reviewing release changes, conducting thorough security assessments, performing source code and open-source security scans, coordinating penetration testing, and maintaining critical security documentation such as Threat Models, Cybersecurity Risk Assessments, and FedRAMP compliance artifacts. You will collaborate across development, product security, and external testing teams to identify and mitigate vulnerabilities using tools such as Fortify, BlackDuck, BurpSuite, and Postman.

This is a unique opportunity to apply your best technical innovation, problem solving and leadership skills to truly make a difference in our health and well-being.

This position is an exciting opportunity to work with Medtronic's Diabetes business. Medtronic has announced its intention to separate the Diabetes division to promote future growth and innovation within the business and reallocate investments and resources across Medtronic, subject to applicable information and consultation requirements. This separation provides our team with a bold opportunity to unleash our potential, enabling us to operate with greater speed and agility. As a separate entity, we anticipate leveraging increased investments to drive meaningful innovation and enhance our impact on patient care.

Responsibilities may include the following and other duties may be assigned. ​

• Review the scope of changes (ESFs, Jira tickets, Dev discussions) for CareLink releases.

• Regularly attend cross-scrum technical calls (User Apps and User Services) to understand the scope of changes

• Complete security assessments of the changes for CareLink releases.

• Fill out the detailed ESF write-ups for each change, as needed for security reports

• Review the write-ups with Product security team/ISAC and address any comments.

• Run periodic security scans of source code during each Sprint cycle, and share results with Dev team. This includes the following:

• Perform security static code analysis (SCA / SAST) using Fortify tool on source code.

• Execute scans for SOUP analysis of the different CareLink products, using tool such as BlackDuck.

Responsible for Security documentation. This includes the following:

• Reviewing and updating Threat Models and Cybersecurity Risk Assessment (CRA) reports as needed.

• Update security (CRM) reports for the different CareLink products for each CareLink release.

• Follow up on mitigations and security fixes for previous security findings, including PenTest findings and SAST, SCA results.

• Conduct ad-hoc testing to validate pen test findings and mitigations. Need to proficient in using tool such as BurpSuite, Postman, etc.

• Ensure timely implementation of security fixes and update

• Respond to third-party security questionnaires, ensuring alignment with our security policies and standards.

• Track and maintain repository in SharePoint of security assessments (completed and in progress questionnaires)

• Coordinate with external penetration testing teams to plan and conduct thorough security assessments.

• Provide environment readiness, API endpoints documentation, application data flow, intended functionalities, type of roles, and input parameters.

• Provide support for FedRAMP certification

• Collect and organize information needed for FedRAMP certification to support our compliance goals.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. 

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

Benefits & Compensation
 

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.  We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
 

Salary ranges for U.S (excl. PR) locations (USD):$148,000.00 - $222,000.00

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).

The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).

 

The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).

 

Regular employees are those who are not temporary, such as interns.  Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

 

Further details are available at the link below:

Medtronic benefits and compensation plans

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people. 
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here.

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.