We anticipate the application window for this opening will close on - 24 Dec 2025

 

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the Life

This role will bring the specialized expertise and structure needed to navigate complex regulatory, contractual, and industry requirements. This role will: Translate regulations into actionable controls, measure and reduces organizational risk, strengthens customer and stakeholder confidence, enables efficient cross-functional alignment, and will build and operate scalable, repeatable processes.

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

At Medtronic, we bring bold ideas forward with speed and decisiveness to put patients first in everything we do. In-person exchanges are invaluable to our work. We're working onsite 4 days a week as part of our commitment to fostering a culture of professional growth and cross-functional collaboration as we work together to engineer the extraordinary. In your role, you may work from the following Medtronic sites:

A Day in the Life

The Cybersecurity Information Assurance Principal is a recognized expert responsible for defining strategic direction and operationalizing key processes for cybersecurity compliance, measurement, documentation, and enforcement. This role requires considerable strategic and operational independence across all areas.  This contract role is highly strategic and execution-focused, with the following expectations:

 Core Responsibilities: 

 1.        Process Development for Control & Regulatory Assessments

• Design and document repeatable processes for assessing the implementation and effectiveness of cybersecurity controls.

• Develop assessment methodologies aligned with internal policies, industry frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, HIPAA, FDA, NIST2.0, NIST AI, NIS2, SOX, etc.).

• Create clear workflows for pre-assessment scoping, evidence collection, validation, scoring, and reporting.

2.        Remediation Management Framework

• Build a structured process for tracking control deficiencies, assigning remediation tasks, and following up on resolution status.

• Define escalation protocols and reporting formats for unresolved issues and overdue remediation items.

• Support control owners with guidance on remediation expectations and timelines.

3.        Documentation, Training & Continuous Improvement

• Draft comprehensive documentation for all developed processes, procedures, and related templates.

• Develop and deliver training materials and user guides for stakeholders (e.g., control owners, risk assessors).

• Identify opportunities to improve the efficiency and effectiveness of compliance measurement and enforcement.

• Stay up to date with evolving cybersecurity and privacy regulations and advise on required updates to processes or tools.

4.        Stakeholder Coordination & Communication

• Represents the organization as primary contact for specific projects and initiatives, communicating with internal and external customers and vendors at various levels.

• Collaborate with legal, privacy, risk, and security teams to ensure processes align with broader enterprise compliance requirements.

• Coordinate with GCISO compliance lead(s), internal and external auditors as needed to support formal compliance reviews or assessments.

• Serve as a central point of contact for questions or issues related to cyber control compliance processes.

 MUST HAVE:

• 7+ years of relevant experience in compliance, risk management, or GRC functions with a bachelors degree or 5+ years of relevant experience with an advanced degree or 12+ years of relevant experience with a high school diploma or equivalent.

NICE TO HAVE:

• Applicable certifications for cyber and/or compliance (e.g. CISSP, CISA, CRISC, CISM)

• Familiarity with compliance systems (E.g. OneTrust , Logic Gate, Archer, etc.)

• Strong understanding of system administration principles and user management.

• Excellent analytical, communication, and problem-solving skills.

• Previous Medtronic experience

• Bachelor’s or advanced degree

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. 

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

Benefits & Compensation
 

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create.  We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
 

Salary ranges for U.S (excl. PR) locations (USD):$128,800.00 - $193,200.00

 

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

Salary ranges for U.S (excl. PR) locations (USD):$128,800.00 - $193,200.00

The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).

The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).

 

The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).

 

Regular employees are those who are not temporary, such as interns.  Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

 

Further details are available at the link below:

Medtronic benefits and compensation plans

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 95,000+ passionate people. 
We are engineers at heart— putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here.

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.