Summary
Overview
Work History
Education
Skills
Affiliations
Websites
Certifications And Credentials
Timeline
Generic

LAURA GANNON

Circle Pines

Summary

CISSP-certified Principal Software Systems Engineer with extensive experience securing regulated systems. As a Cybersecurity SME, provided strategic security oversight for a Class III cardiac mapping platform, authored critical compliance documentation, and led risk prioritization efforts, significantly enhancing product security and regulatory compliance across global health applications.

Overview

18
18
years of professional experience

Work History

Principal Security Consultant / Founder

WP Security and Development
Circle Pines
09.2016 - Current
  • Functioned as de facto vCISO for SMB clients, directing security strategy, identifying risks, and organizing remediation efforts.
  • Developed comprehensive security strategies for diverse client environments.
  • Delivered security hardening and vulnerability assessment services for SMB clients, enabling incident response and continuous security monitoring in a multi-client managed environment
  • Implemented security protocols and best practices across various projects.
  • Conducted risk assessments to identify vulnerabilities in client systems.

Principal Software Systems Engineer - EnSite X Cardiac Mapping System (Class III, PMA-Regulated)

Abbott Laboratories
St. Paul
05.2020 - 01.2026
  • Sole requirements owner for 6 major EnSite X platform releases (v1.1-v5.x); maintained audit-defensible system-level specifications in IBM DOORS for a PMA-regulated platform used in global EP procedures
  • Owned LiveSync Module requirements for bi-directional platform API enabling real-time AI-guided ablation integration, ensuring security and technical integrity in complex integration processes
  • Led security-aware requirements authoring for Boston Scientific Farawave PFA catheter integration, establishing platform's first pulsed-field ablation catheter and enhancing clinical capabilities and connectivity
  • Designated team Cybersecurity SME (post-CISSP, 2023); provided platform security guidance on architecture decisions, FDA submission documentation, and product lifecycle security strategy
  • Authored DHF documentation including FMEAs and hazard analyses for PMA supplement submissions, ensuring compliance with FDA regulations and IEC 62304 software development lifecycle standards
  • Recipient of 5+ Abbott Excellence Awards across major platform release cycles (2020-2026)

Sr. Software Engineer - CareLink Cardiac Remote Monitoring / Altair Cloud Platform

Medtronic
Mounds View
02.2018 - 05.2020
  • Authored security and architecture requirements for Medtronic's Altair Platform, facilitating Kubernetes-based cloud migration of cardiac remote monitoring infrastructure
  • Led GDPR-to-Control mapping initiative with Legal and Compliance; produced first structured privacy control documentation for CareLink platform, aligning engineering and regulatory stakeholders
  • Executed requirements rescue on legacy CareLink platform; corrected IEC 62304 compliance gaps across inherited specifications, reestablishing full audit-defensible traceability

Systems Engineer / Cybersecurity Engineer - Bradley Fighting Vehicle / AAMPV Programs

BAE Systems
San Jose
01.2008 - 01.2018
  • Formalized the platform cybersecurity function from requirements inception after joining the BAE Cybersecurity Team in 2012.
  • Engaged NSA on classified system security architecture; defined requirements aligned with NSA-validated security standards for Army ground vehicle platforms to ensure robust cybersecurity integration
  • Implemented Risk Management Framework (RMF) across ground vehicle programs; conducted NIST 800-53 control mapping, gap analysis, and POA&M development to enhance program compliance and security posture
  • Authored custom Cross-Domain Solution (CDS) specifications for Bradley/AAMPV - defining controlled information transfer requirements between classification domains
  • Conducted vendor trade study analysis for CDS procurement; assessed solutions against NSA-validated and program-specific security requirements to inform selection process and mitigate risks
  • Maintained active Secret security clearance throughout full 10-year tenure; eligible for reinstatement

Education

MS - Electrical Engineering, Computer Systems and Network Security

Cal Poly Pomona
Pomona, CA
01-2007

BS - Electrical Engineering

Cal Poly Pomona
Pomona
01-2003

Skills

  • Product Security Architecture
  • Threat Modeling
  • Risk Assessment
  • Vulnerability Assessment
  • Penetration Testing Planning
  • Security Lifecycle Management
  • NIST 800-53
  • NIST Framework
  • ISO 27001
  • HITRUST
  • FDA/PMA Cybersecurity
  • GDPR Security Requirements Engineering
  • IEC 62304
  • DHF Documentation
  • FMEA
  • Hazard Analysis
  • Cross-Domain Solutions (CDS)
  • IBM DOORS
  • Cross-functional Security Collaboration
  • RMF

Affiliations

  • ISC2
  • Society of Women Engineers (SWE)

Websites

Certifications And Credentials

  • CISSP, ISC2, 2023, renewal in progress
  • Engineer in Training (EIT), California Board for Professional Engineers
  • CompTIA Security+, In Progress, 2026

Timeline

Principal Software Systems Engineer - EnSite X Cardiac Mapping System (Class III, PMA-Regulated)

Abbott Laboratories
05.2020 - 01.2026

Sr. Software Engineer - CareLink Cardiac Remote Monitoring / Altair Cloud Platform

Medtronic
02.2018 - 05.2020

Principal Security Consultant / Founder

WP Security and Development
09.2016 - Current

Systems Engineer / Cybersecurity Engineer - Bradley Fighting Vehicle / AAMPV Programs

BAE Systems
01.2008 - 01.2018

MS - Electrical Engineering, Computer Systems and Network Security

Cal Poly Pomona

BS - Electrical Engineering

Cal Poly Pomona
LAURA GANNON