It started with a simple idea: what if surgery could be less invasive and recovery less painful? Nearly 30 years later, that question still fuels everything we do at Intuitive. As a global leader in robotic-assisted surgery and minimally invasive care, our technologies—like the da Vinci surgical system and Ion—have transformed how care is delivered for millions of patients worldwide.

We’re a team of engineers, clinicians, and innovators united by one purpose: to make surgery smarter, safer, and more human. Every day, our work helps care teams perform with greater precision and patients recover faster, improving outcomes around the world.

The problems we solve demand creativity, rigor, and collaboration. The work is challenging, but deeply meaningful—because every improvement we make has the potential to change a life.

If you’re ready to contribute to something bigger than yourself and help transform the future of healthcare, you’ll find your purpose here.

Primary Function of Position
This role contributes broadly to the Product Cybersecurity organization by improving the overall security posture of software products, infrastructure, and services. The position involves developing security features and mitigations following guidance from security analysis, threat modeling and security testing. This role works collaboratively across multiple teams and product groups to ensure high-quality, secure products that meet regulatory and organizational standards within a fast-paced environment.

Essential Job Duties

• Design, develop, and implement product security features, mitigations, and tools
• Perform security testing and verification, including development and execution of test cases and protocols
• Triage, analyze, and investigate product security issues and vulnerabilities
• Conduct security reviews including architecture reviews, code reviews, and vulnerability assessments
• Prepare and communicate real-time security status updates and report to key stakeholders
• Stay current with evolving security threats, technologies, and best practices through formal and self-directed learning

Required Education, Skills & Experience

• Minimum 8 years of experience in cybersecurity, product security engineering or related field with a University degree; or 6 years experience and a Master's degree; or a PhD with 3 years experience; or equivalent experience
• Understanding of cybersecurity concepts, including hardware security (e.g. RFID tags, smartcards, IoT security mechanisms), software security, network/infrastructure security, cryptography, and security testing and verification
• Hands-on use of TPM tools, libraries (e.g., tpm2-tss), and integration strategies (e.g., secure/measured boot, remote attestation protocols, firmware validation)
• Familiarity with security protocols and technologies such as PKI, HSM, public key cryptography, TCP/IP, SSL/TLS, and network security
• Hands-on embedded software development experience in C/C++; experience with Yocto Linux and real time operating systems (QNX) is a plus
• Experience with scripting languages and Linux (Python, Bash, Shell; familiarity with PowerShell)
• Capable of conducting security analysis, threat modeling, and cybersecurity risk assessments for products and services
• Proficiency in secure coding practices, code analysis, and secure software development lifecycle (SDLC) principles
• Ability to support cross-functional teams and third-party vendors in addressing security concerns and compliance with security laws and regulations

Due to the nature of our business and the role, please note that Intuitive and/or your customer(s) may require that you show current proof of vaccination against certain diseases including COVID-19.  Details can vary by role.

Intuitive is an Equal Opportunity Employer. We provide equal employment opportunities to all qualified applicants and employees, and prohibit discrimination and harassment of any type, without regard to race, sex, pregnancy, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, genetic information or any other status protected under federal, state, or local applicable laws.

Mandatory Notices

U.S. Export Controls Disclaimer:  In accordance with the U.S. Export Administration Regulations (15 CFR §743.13(b)), some roles at Intuitive Surgical may be subject to U.S. export controls for prospective employees
who are nationals from countries currently on embargo or sanctions status.

Certain information you provide as part of the application will be used for purposes of determining whether Intuitive Surgical will need to (i) obtain an export license from the U.S. Government on your behalf (note: the government’s licensing process can take 3 to 6+ months) or (ii) implement a Technology Control Plan (“TCP”) (note: typically adds 2 weeks to the hiring process).  

For any Intuitive role subject to export controls, final offers are contingent upon obtaining an approved export license and/or an executed TCP prior to the prospective employee’s
start date, which may or may not be flexible, and within a timeframe that does not unreasonably impede the hiring need. If applicable, candidates will be notified and instructed on any requirements for these purposes. 

We will consider for employment qualified applicants with arrest and conviction records in accordance with fair chance laws.

Preference will be given to qualified candidates who do not reside, or plan to reside, in Alabama, Arkansas, Delaware, Florida, Indiana, Iowa, Louisiana, Maryland, Mississippi, Missouri, Oklahoma, Pennsylvania, South Carolina, or Tennessee.

We provide market-competitive compensation packages, inclusive of base pay, incentives, benefits, and equity. It would not be typical for someone to be hired at the top end of range for the role, as actual pay will be determined based on several factors, including experience, skills, and qualifications. The target compensation ranges are listed.