Director, IT, Product Security

USA - Illinois - Naperville, United States


Edwards Lifesciences

Edwards Lifesciences is a global leader in patient-focused medical innovations for structural heart disease, as well as critical care and surgical monitoring.


Many structural heart patients suffer from heart failure with limited options. Our Implantable Heart Failure Management (IHFM) team is at the forefront of addressing these unmet patient needs through pioneering technology that enables early, targeted therapeutic intervention. Our innovative solutions are not just transforming patient care but also creating a unique and exciting environment for our team members. It’s our driving force to help patients live longer and healthier lives. Join us and be part of our inspiring journey. 

How you'll make an impact: 

Establish and maintain a corporate-wide security management program to ensure that information assets, technology, products, intellectual property, and patient data are adequately protected.

This role is required to be onsite in our Naperville location. Relocation is available. 

  • Oversee, lead, and provide briefings on key security functional areas based on critical subject matter expertise (e.g., incident response, threat intelligence, etc.).

  • Manage team members and/or professionals and/or oversee the work with responsibility for assigned sections of the information security department. Develop robust talent development and succession planning in alignment with functional growth strategies.

  • Collaborate with key stakeholders to translate business requirements into EW security practices resulting in influencing stakeholders to implement key security requirements. 

  • Lead and manage the Product Security team, ensuring the security of our products and services (lead a small team of 1-2 people)

  • Collaborate with security professionals to design and implement robust security measures.

  • Oversee AWS Security (Amazon Web Services Security) practices to protect cloud-based infrastructure.

  • Conduct regular security assessments and audits to identify and mitigate risks.

  • Stay updated with the latest security trends and threats to proactively address potential vulnerabilities.

  • Provide strategic direction and leadership in all aspects of product security.

  • Define global communications plan for employee security awareness and best practices. 

  • Identify corporate-wide requirements to integrate security in information and product lifecycle. 

  • Assess needs and develop, propose, and implement solutions.

  • Act upon external/internal threat information and advise relevant stakeholders on the appropriate.

What you'll need (Required): 

  • Bachelor's Degree in a related field and 12 years of previous related experience (e.g., computer science, security, engineering, information security, technology, etc.) required with skill levels exceeding the requirements of a Manager - OR - Master's Degree or equivalent in related field and 10 years' experience

  • Bachelor's Degree in related field + 8 years of related experience in IT / Computer Science / networking engineering / R&D

  • AWS Security Certification or hands-on expertise

  • Product Security hands-on expertise

  • Strong AWS, DevOps, and Cloud experience.

What else we look for (Preferred): 

  • Product Security experience in the Medical Device industry

  • Expertise in DevSecOps/DevCloudSecOps, integrating security into CI/CD pipelines and cloud environments

  • Certifications such as CISSP, CISM, CSSLP, GIAC, MCSE, or CCSP

  • Experience advising startups in the med tech and pharma industries

  • Skilled in building product roadmaps

  • Secure Software Development Life Cycle (SSDLC) experience

  • Knowledge of FDA guidelines

  • Writing testable cybersecurity requirements

  • Risk management lifecycle experience

  • Strong project management leadership skills.

  • Excellent problem-solving, organizational, analytical, and critical thinking skills.

  • Exceptional written and verbal communication skills, including negotiating and relationship management.

  • Broad knowledge of security lifecycle in information assets, technology, products, and intellectual property.

  • Understanding of information security and privacy standards and laws, and common security management frameworks (e.g., ISO/IEC 27001, ITIL, COBIT, NIST).

  • Ability to manage teams, provide coaching and feedback, and partner with HR on employee relations.

  • Attention to detail and ability to interact professionally at all organizational levels.

  • Ability to work in a fast-paced, dynamic environment and lead technical meetings.

  • Dedication to quality client service and proactive responsiveness to client needs.

  • Ability to influence change and develop cross-functional relationships.

  • Experience in applications, software, and data protection 

  • Experience in information and product lifecycle security (e.g., from concept to commercialization) 

  • Experience in data protection processes and technologies, cyber threat management, incident response, vulnerability testing, risk management 

  • Expert knowledge and understanding of information security and privacy standards and laws 

  • Intermediate knowledge of privacy regulations and appropriate safeguards and ability to apply to relevant situations 

  • Frequently interacts with internal and external management and senior-level customer representatives concerning projects, operational decisions, scheduling requirements, and/or contractual clarifications 

  • Require the ability to change the thinking of, or gain acceptance from others in sensitive situations, without damage to the relationship 

  • Develop peer, cross functional and cross business relationships to maximize best practice sharing and team effectiveness. 

  • Provide leadership and direction to cross-functional teams to successfully implement global enterprise systems and related solutions 

  • Support and solicit input from team members at all levels 

  • Demonstrated track record in people management.

  • Experience in regulated industries, applications, software, and data protection.

  • Knowledge of information and product lifecycle security, data protection processes, cyber threat management, incident response, vulnerability testing, and risk management.

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.

For Illinois (IL), the base pay range for this position is $170,000 to $241,000 (highly experienced). The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience). Applications will be accepted while this position is posted on our Careers website.

Edwards is an Equal Opportunity/Affirmative Action employer including protected Veterans and individuals with disabilities.

COVID Vaccination Requirement

Edwards is committed to protecting our vulnerable patients and the healthcare providers who are treating them. As such, all patient-facing and in-hospital positions require COVID-19 vaccination. If hired into a covered role, as a condition of employment, you will be required to submit proof that you have been vaccinated for COVID-19, unless you request and are granted a medical or religious accommodation for exemption from the vaccination requirement. This vaccination requirement does not apply in locations where it is prohibited by law to impose vaccination.


Tags: Audits AWS CCSP CI/CD CISM CISSP Cloud COBIT Computer Science CSSLP DevOps DevSecOps GIAC Incident response ITIL NIST Privacy Product security R&D Risk management SDLC Security assessment SSDLC Threat intelligence Vulnerabilities

Perks/benefits: Competitive pay Relocation support

Region: North America
Country: United States
