Product Cybersecurity Specialist
| Company | Baxter International |
|---|---|
| Location | Raleigh, NC, USA, Auburn, NY, USA, Chicago, IL, USA, Milwaukee, WI, USA, Highland Park, IL, USA |
| Salary | $120000 – $165000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- Bachelor’s degree in Computer Science, Electrical Engineering, Software Engineering or related engineering discipline with 8+ years of experience.
- Experience in Operating Systems such as Linux.
- Experience in threat modeling using tools like Microsoft Stride, malware analysis, digital forensics.
- Experience in testing and implementing security controls in regulated industry.
- Knowledge in modern software development process and DevOps tools such as Jenkins, Git and Gerrit.
Responsibilities
- Accountable for defining and implementing the Cybersecurity strategy across Digital solutions and technical services portfolio.
- Provide leadership, strategic mentorship and multi-functionally collaborate with GBUs to architect, design and develop the software security features for multiple products and platforms.
- Implement innovative security solutions for platforms and/or server platforms.
- Lead implementation of medical device cybersecurity functionalities that are part of an overall security architecture, including common security protocol stacks such as IPsec, TLS, OAuth, and SAML.
- Model cybersecurity threats using tools such as STRIDE, and assess risks using CVSS.
- Assess security findings from various sources. This includes Static Code Analysis and Penetration Testing.
- Identify known/unknown vulnerabilities associated with Baxter’s medical devices and provide inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.
- Develop security tools that help to collect cyber threat intelligence, supervise emerging vulnerabilities in software, and implement secure coding standards.
- Support medical device cybersecurity certification programs such as UL 2900.
- Perform internal security tests to validate security capabilities and compliance for medical devices.
- Work with internal or external resources to plan and implement Security Activities (like Penetration Testing) on various products.
- Maintain relationships with strategic partners in this space to ensure Baxter development process with respect to Cybersecurity, is industry leading, Top Quartile.
- Work with ministries of health, and certifying bodies to represent the company and devices in threat analysis, certification and notifications.
Preferred Qualifications
- Experience or strong interest in IoT (Internet of Things) device development, especially in embedded platform security, device communication protocols, and cryptographic functions preferred.
- Some knowledge in cybersecurity standards such as NIST 800-53, ISO 27001, and FIPS 140-2 is preferred.