Pr. Cyber Information Assurance Analyst

About The Position

Requirements

• 7+ years of relevant experience in compliance, risk management, or GRC functions with a bachelors degree or 5+ years of relevant experience with an advanced degree or 12+ years of relevant experience with a high school diploma or equivalent.

Nice To Haves

• Applicable certifications for cyber and/or compliance (e.g. CISSP, CISA, CRISC, CISM)
• Familiarity with compliance systems (E.g. OneTrust , Logic Gate, Archer, etc.)
• Strong understanding of system administration principles and user management.
• Excellent analytical, communication, and problem-solving skills.
• Previous Medtronic experience
• Bachelor’s or advanced degree

Responsibilities

• Process Development for Control & Regulatory Assessments Design and document repeatable processes for assessing the implementation and effectiveness of cybersecurity controls.
• Develop assessment methodologies aligned with internal policies, industry frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, HIPAA, FDA, NIST2.0, NIST AI, NIS2, SOX, etc.).
• Create clear workflows for pre-assessment scoping, evidence collection, validation, scoring, and reporting.
• Remediation Management Framework Build a structured process for tracking control deficiencies, assigning remediation tasks, and following up on resolution status.
• Define escalation protocols and reporting formats for unresolved issues and overdue remediation items.
• Support control owners with guidance on remediation expectations and timelines.
• Documentation, Training & Continuous Improvement Draft comprehensive documentation for all developed processes, procedures, and related templates.
• Develop and deliver training materials and user guides for stakeholders (e.g., control owners, risk assessors).
• Identify opportunities to improve the efficiency and effectiveness of compliance measurement and enforcement.
• Stay up to date with evolving cybersecurity and privacy regulations and advise on required updates to processes or tools.
• Stakeholder Coordination & Communication Represents the organization as primary contact for specific projects and initiatives, communicating with internal and external customers and vendors at various levels.
• Collaborate with legal, privacy, risk, and security teams to ensure processes align with broader enterprise compliance requirements.
• Coordinate with GCISO compliance lead(s), internal and external auditors as needed to support formal compliance reviews or assessments.
• Serve as a central point of contact for questions or issues related to cyber control compliance processes.

Benefits

• Medtronic offers a competitive Salary and flexible Benefits Package
• A commitment to our employees lives at the core of our values.
• We recognize their contributions.
• They share in the success they help to create.
• We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
• Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).
• Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).