Job Description

This is where you save and sustain lives

At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You\'ll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.

Baxter\'s products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.

Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.

Join us at the intersection of saving and sustaining lives\xe2\x80\x94where your purpose accelerates our mission.

Your team

When you join us, you will lead and work alongside a team of committed individuals who trust each other to deliver on the tasks at hand. We support innovation and out-of-the-box thinking balanced with teamwork across functions and other teams. Our leadership understands the need for continuous education and provides opportunities for further development.

Here, you often have the flexibility to work independently. We provide opportunities for you to continue to learn through various training, conferences, certifications, and support for advanced degrees.

What you\'ll be doing

• Leverage partnerships effectively with the product development, marketing, regulatory, quality and legal teams to establish and enforce information security requirements, plans, and policies in medical platforms and solutions which include applications, on-prem & SaaS platforms, Data science solutions, tools and service.
• Leading, mentoring and supporting a passionate team of security engineers through day-to-day security assessments and mitigations addressing product development for security by design in R&D, Privacy by Design, Threat-Modeling, Security Risk Assessments, Vulnerability Scanning, Penetration Testing, Security Whitepaper, MDS2 and SBOM Publishing
• Work with Manager, Central Product Security team and CISO/IT team to implement governance around Privacy by Design, Security Risks and vulnerability management in products.
• Assist in responses to and recovery from a security breach in conjunction with other team members and business units.
• Use tools to scan for and test possible product vulnerabilities; investigate security breaches.
• Keep abreast of industry CVE\xe2\x80\x99s, security guidance\xe2\x80\x99s and standards, participate and lead on appropriate customer security disclosures.
• Keep leadership informed on security risks, policies and product requirements.
• Work collaboratively with product teams on annual SOC2 and HiTrust audits for products.
• Build technical documentation around the security of a product including threat modeling, privacy assessments, whitepapers, etc.
• Participate in project planning and scoping of security related deliverables and activities.
• Ensures effective performance management, succession planning and talent pipeline is in place for technical and functional leadership across functions and/or technical disciplines.
• Manage, identify, hire, develop, and recognize technical staff; Create and maintain employee and organizational development; as well as HR plans that meet business needs.

What you\'ll bring

• Bachelor\'s Degree Computer Science or an equivalent with 14+ years of demonstrated product security and leadership experience. Master\xe2\x80\x99s degree in technology management or similar preferred.
• Expertise in crafting secure networks, systems, and application architectures.
• Familiarity with the development of medical products and importance of protecting PII/PHI and IP data.
• Understanding of technical embedded systems and software components and associated security risks and how to mitigate risks to drive state of the art medical solutions.
• Certification in security such as CAP, CCSP, or equivalent preferred.
• Keen attention to detail, critical thinking and analytical abilities.
• Proven interpersonal and communication (verbal, written, presentation) skills.
• Experienced in software development life cycle related to security.
• Proven understanding of application security throughout the Software Development Lifecycle (SDLC).
• Experience in addressing OWASP Top 10 vulnerabilities.
• Experience with some or all of the following: NIST 800-53, AMII TIR57, FDA Pre-Post Market Guidance, DoD RMF/ATO, SOC2, HiTrust, EU-MDR GDPR guidelines.
• Proven ability to work closely with Cross-Functional teams such as R&D, Regulatory, Quality, Marketing, Legal to ensure compliance and appropriate mitigation of security risks for medical products.

Baxter is committed to supporting the needs for flexibility in the workplace. We do so through our flexible workplace policy which includes a minimum of 3 days a week onsite. This policy provides the benefits of connecting and collaborating in-person in support of our Mission.

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the here and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our .

Baxter