Sr DevSecOps Engineer

Medtronic


Job Location:

Lafayette, IN - USA

Monthly Salary: $ 124800 - 187200
Posted on: 15 hours ago
Vacancies: 1 Vacancy

Job Summary

We anticipate the application window for this opening will close on - 6 Jul 2026


Careers that change lives start here. Medtronic is a global leader in healthcare technology with a Mission to alleviate pain restore health and extend life. Our 95000 employees work across more than 150 countries to put patients first developing innovative medical technologies that improve the lives of 72 million patients each year. Your unique talents will help shape the future of healthcare while building a career grounded in purpose growth and impact.

A Day in the Life

The Sr DevSecOps Engineer defines implements and governs secure embedded software platform practices for regulated medical device programs. This role provides technical leadership across CI/CD automation embedded Linux security software supply chain controls vulnerability management cybersecurity risk analysis and release evidence generation to support safe secure and compliant medical device development.

The Sr DevSecOps Engineer will join the Embedded OS Platforms Team to lead secure embedded platform enablement for new and existing medical device development programs. The Embedded OS Platforms Team delivers the core software infrastructure and foundational system components that enable operation of the application software. This role is responsible for advancing reusable DevSecOps frameworks secure software supply chain practices embedded Linux security capabilities and cybersecurity lifecycle processes across multiple products.

The successful candidate will serve as a technical lead who partners with software systems product security quality regulatory and program teams to deliver secure maintainable and compliant platform solutions.

Key Responsibilities

  • Define and own the DevSecOps architecture and roadmap for embedded capital equipment platforms including CI/CD pipelines build infrastructure security automation release evidence and long-term maintainability.
  • Develop and maintain secure embedded platform software build infrastructure and reusable automation capabilities.
  • Create and support Yocto-based embedded Linux distributions BSP software device drivers hypervisors and platform-level OS components.
  • Establish secure software supply chain practices including SBOM generation SOUP/OTS component tracking license awareness vulnerability monitoring end-of-support tracking and remediation workflows.
  • Develop reusable CI/CD templates and pipeline controls for static analysis software composition analysis unit test automation artifact signing provenance tracking cybersecurity evidence capture and release readiness.
  • Lead threat modeling and cybersecurity risk analysis for embedded platform components including asset identification attack surface analysis exploitability assessment security controls and traceability to risk mitigations.
  • Drive CVE intake enrichment asset mapping triage risk scoring remediation planning validation and reporting in partnership with Product Security SWQA Systems and program teams.
  • Design and implement secure boot firmware signing cryptographic configuration key/certificate lifecycle support authenticated update mechanisms and secure device communication patterns.
  • Define runtime security monitoring requirements and support post-market cybersecurity monitoring and vulnerability response workflows.
  • Review reported anomalies assess cybersecurity impact and support incident-response activities as needed.
  • Support regulatory submissions and audits by ensuring cybersecurity software lifecycle and DevSecOps evidence is complete traceable reproducible and aligned with internal quality system expectations.
  • Define platform-level OS and BSP maintenance strategies including Linux kernel support Yocto release planning driver update strategy patchability and security update governance across the product lifecycle.
  • Collaborate with external vendors and internal partners to evaluate security tooling embedded Linux support models vulnerability intelligence penetration testing outputs and long-term maintenance approaches.
  • Provide technical leadership and mentoring to software engineers DevOps engineers and platform teams on secure coding build automation vulnerability handling and regulated software development practices.
  • Partner with product teams to define platform capabilities that are reusable secure testable and scalable across multiple capital equipment programs.

Technologies & Tools

  • AMD Zynq and Zynq UltraScale SoCs NVIDIA ORIN SafeRTOS FreeRTOS
  • Yocto-based embedded Linux package development
  • Embedded hypervisors Linux device drivers BSPs and boot flows
  • Custom build systems and CI/CD pipelines
  • Docker Snyk SonarQube and software composition analysis tools
  • Static analysis software composition analysis artifact signing and vulnerability management tools
  • Python Bash and Go
  • Atlassian tools including Bitbucket Jira Bamboo and Confluence
  • GitHub and GitLab
  • Networking security secure boot firmware signing and secure update technologies

Minimum Qualifications:

  • Bachelors degreeand minimum of 4 years of relevant experience OR Masters degree with a minimum of 2 years relevant experience OR PhD with 0 years relevant experience.

Preferred Qualifications

  • Strong understanding of FDA cybersecurity expectations IEC 62304 ISO 14971 ISO 13485 SOUP/OTS software management SBOM practices and software lifecycle evidence generation.
  • Experience implementing security automation in CI/CD pipelines including SAST SCA container scanning artifact signing build reproducibility traceability and vulnerability reporting.
  • Strong experience with threat modeling vulnerability assessment cybersecurity risk analysis and secure-by-design architecture reviews.
  • Experience with CVE triage methods that include exploitability asset exposure configuration applicability runtime reachability known exploited vulnerabilities and remediation validation.
  • Strong experience in embedded Linux platform development for regulated safety-critical or high-reliability products.
  • Hands-on experience with AMD/Xilinx SoC-based embedded systems including AMD Zynq 7000 series Zynq UltraScale Kria SOM and the NVIDIA ORIN platform. Experience with real-time operating systems such as SafeRTOS and QNX Neutrino.
  • Experience with Yocto BSPs OS layers kernel configuration boot flows device drivers and embedded platform security.
  • Experience developing or governing DevSecOps practices in regulated medical device safety-critical aerospace automotive or industrial control environments.
  • Ability to collaborate across hardware software systems product security quality regulatory program management and product management stakeholders.
  • Demonstrated ability to influence cross-functional engineering and leadership decisions without direct authority.
  • Experience defining reusable platform practices across multiple products programs hardware variants or software release branches.
  • Strong debugging problem-solving and root-cause analysis skills.
  • Strong technical communication skills with the ability to translate cybersecurity and DevSecOps risks into actionable engineering and leadership decisions.

TECHNICAL SPECIALIST CAREER STREAM: An individual contributor with responsibility in technical functions to advance existing technology or introduce new technology and therapies. Formulates delivers and manages projects assigned and works with stakeholders to achieve desired results. May act as a mentor to colleagues or direct the work of other professionals. The majority of time is spent delivering R&D systems or initiatives related to new technologies or therapies from design to implementation while adhering to policies and using specialized knowledge and skills.

Autonomy: Recognized technical leader who works independently under limited supervision to determine and develop approaches to complex solutions. Provides technical direction coaching and review for lower-level specialists and may manage complex projects or processes.

Organizational Impact: Responsible for major workstreams platform capabilities or processes within the job area. Contributes to completion of work group and cross-functional objectives by building relationships aligning stakeholders and driving consensus on technical direction.

Innovation and Complexity: Addresses difficult and complex problems that require understanding of multiple technical domains product programs cybersecurity considerations and regulated software development expectations. Improves processes systems tools and products to enhance performance maintainability security and compliance.

Communication and Influence: Communicates with senior internal and external stakeholders customers and vendors. Exchanges information statuses ideas and technical recommendations to influence decision-making and achieve project and organizational objectives.

Leadership and Talent Management: Provides guidance coaching and training to employees within the job area. May lead technical workstreams delegate technical tasks and review work products to ensure quality consistency and alignment with platform objectives.

Required Knowledge and Experience: Requires a Baccalaureate degree and a minimum of 7 years of relevant experience or an advanced degree with a minimum of 5 years of relevant experience.

For Baccalaureate degrees earned outside of the United States a degree that satisfies the requirements of 8 C.F.R. 214.2(h)(4)(iii)(A) is required.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position but they are not an exhaustive list of all the required responsibilities and skills of this position.

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job the employee is regularly required to be independently mobile. The employee is also required to interact with a computer and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

U.S. Work Authorization & Sponsorship

At Medtronic we are committed to fostering an environment where employees can thrive and make a meaningful alignment with our enterprise-wide workforce planning approach U.S. work authorization sponsorship (H-1B TN J etc.) is offered exclusively for Principal-level roles and above where specialized expertise aligns with long-term business needs. Roles below the Principal level require candidates to possess unrestricted U.S. work authorization at the time of hire and for the duration of employment.

Recruitment Fraud Alert

We are aware of phishing scams targeting job seekers. Please keep the following in mind:


Apply only through official Medtronic channels. All legitimate Medtronic recruiting communications come from approved Medtronic platforms and official @ email addresses.


Medtronic will never ask for payment or sensitive personal information (such as bank account or Social Security details) during early stages of the hiring process. Any such requests are not legitimate.


If you receive a suspicious message claiming to be from Medtronic do not respond click links or open attachments.


If you have any questions concerns regarding the authenticity of a communication alleged to have been made by or on behalf of Medtronic please contact us immediately at .

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits resources and competitive compensation plans designed to support you at every career and life stage.

Salary ranges for U.S (excl. PR) locations (USD):$124800.00 - $187200.00

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

The base salary range is applicable across the United States excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience certification/education market conditions and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).

The following benefits and additional compensation are available to those regular employees who work 20 hours per week: Health Dental and vision insuranceHealth Savings AccountHealthcare Flexible Spending AccountLife insurance Long-term disability leaveDependent daycare spending accountTuition assistance/reimbursement andSimple Steps (global well-being program).

The following benefits and additional compensation are available to all regular employees:Incentive plans 401(k) plan plus employer contribution and matchShort-term disabilityPaid time offPaid holidaysEmployee Stock Purchase PlanEmployee Assistance ProgramNon-qualified Retirement Plan Supplement (subject to IRS earning minimums) andCapital Accumulation Plan (available to Vice Presidents and above or subject to IRS earning minimums).

Regular employees are those who are not temporary such as interns. Temporary employees are eligible for paid sick time as required under applicable state law and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

Further details are available at the link below:

Medtronic benefits and compensation plans

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age color national origin citizenship status physical or mental disability race religion creed gender sex sexual orientation gender identity and/or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local addition Medtronic will provide reasonable accommodations for qualified individuals with disabilities.


If you are applying to perform work for Medtronic Inc. (Medtronic) in any position which will involve performing at least two (2) hours of work on average each week within the unincorporated areas of Los Angeles County you can findhere a list of all material job duties of the specific job position which Medtronic reasonably believes that criminal history may have a direct adverse and negative relationship potentially resulting in the withdrawal of a conditional offer of employment. Medtronic will consider for employment qualified job applicants with arrest or conviction records in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.


Required Experience:

Senior IC

We anticipate the application window for this opening will close on - 6 Jul 2026Careers that change lives start here. Medtronic is a global leader in healthcare technology with a Mission to alleviate pain restore health and extend life. Our 95000 employees work across more than 150 countries to put ...

About Company

Company Logo

About Medtronic Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an excit ... View more

View Profile View Profile