Director Product Security Architecture & Engineering

Aquí es donde salvas y sostienes vidas

En Baxter, estamos profundamente conectados por nuestra misión. No importa tu rol en Baxter, tu trabajo tiene un impacto positivo en la gente alrededor del mundo. Sentirá un propósito en toda la organización, ya que sabemos que nuestro trabajo mejora los resultados para millones de pacientes.

Los productos y terapias de Baxter se encuentran en casi cada hospital del mundo, el clínicas y en los hogares. Por más de 85 años hemos sido pioneros en innovaciones médicas significativas que transforman el cuidado en salud.

Juntos creamos un lugar donde somos felices, exitosos y nos inspiramos mutuamente. Aquí es donde puedes hacer tu mejor trabajo.

Únete a nosotros en la intersección de salvar y sostener vidas-donde tu propósito acelera nuestra misión.

Your Role at Baxter:

As Baxter continues its journey to Advance Connected Care, the security and management of customer-generated data will be a significant priority. As the Director of Product Security Architecture and DevSecOps, you will be responsible for leading the organization and execution of medical product security by design development and software engineering related activities to architect and design preventative security development workflows and solutions. This includes developing and fostering strategic partnerships for the ongoing maintenance of operating systems used in Baxter products, working with global software teams to adopt best practices and common tools for incorporating regular updates.

What You’ll Be Doing:

•          Strategic Leadership: Provide vision and leadership in the development and execution of product security strategies in alignment with the business strategy.

•          Product Development & Software Engineering: Oversee the organization and execution of product development operations and software engineering efforts, with a focus on architecting and designing preventative security solutions.

•          Strategic Partnerships: Develop and maintain strategic partnerships around the ongoing maintenance of operating systems to ensure products remain secure against future cyber threats.

•          Security Program Development: Lead the development and daily operations of the development operations aspects of the security program to ensure the security of connected devices.

•          Risk Management: Work with cross-functional team members to establish and/or enhance ongoing preventative risk assessment processes for Baxter connected devices.

•          DevSecOps – Build solid platform and DevOps intelligent designs to ensure security by design standards for build pipelines, that drive security standardization and reduce risk through process and solutions. Execute and implement across all segments within Baxter.

•          Develop, maintain, and support shared service capabilities such as security testing, vulnerability management, training, coordinated vulnerability disclosure, incident response, and customer communications.

•          Oversee the development and implementation of the product security and privacy roadmap.

•          Drive DevSecOps strategies and solutions utilizing security risks to consolidate and align development operations platforms, processes, and solutions.

•          Develop and execute strategies for external presence and participation in industry groups, conferences, and thought leadership activities.

•          Build and motivate teams with complementary subject matter knowledge across all responsible capability areas.

•          Define resource planning and management plans to support short and long-term objectives and execute business processes to gain approval and execute resource plans.

•          Oversee internal communications on the product security and privacy program, including product security and privacy plans, implementation, issues, and external communications regarding program and product vulnerabilities.

•          Work with leadership of stakeholder groups as a change agent to define and implement preventative product security practices.

•          Provide professional development opportunities for staff to grow and develop expertise across required capability areas.

•          Build a risk-aware product security and privacy culture through education and awareness.

•          Serve as a subject matter resource for key BGPS areas of responsibility.

•          Ensure operating mechanisms and metrics of program implementation activities are measurable and reviewed using appropriate management review processes.

Your Team:

Reporting to Senior Director of Baxter Global Product Security, the Director Product Security Architecture and Engineering will lead a team of 4 director reports (architects).  You will work collaboratively across the Baxter organization including with enterprise IT, the R&D/Software product Development teams, Regulatory and Compliance.

Your Location:

The role is located at our global corporate headquarters in the greater Chicago, IL area northern suburb of Deerfield.  Baxter is committed to supporting the needs for flexibility in the workplace. We do so through our flexible workplace policy which includes a required minimum number of days a week onsite. This policy provides the benefits of connecting and collaborating in-person in support of our Mission. The flexible workplace policy is subject to local laws and legal requirements. At its discretion, Baxter may decide to adjust, suspend, or discontinue as business needs change. 

What You’ll Bring:

•          Bachelor’s degree in information systems, computer science, engineering or a related healthcare field; Master’s degree in technology, information systems or related field preferred or equivalent demonstrated work experience

•          Recommended Security certifications such as CISM, CISSP, other security and healthcare industry related credentials

•          Solid knowledge of Security by Design requirements, Software Bill of Materials (SBOM), Vulnerability Management and tools is required

•          Knowledge and experience in state and federal information security laws, including but not limited to HIPAA, including NIST, EU-MDR and all other applicable regulations

•          12+ Years as an experienced leader developing and mentoring technical resources and teams

•          Experience in application or embedded software development with responsibility for secure development, or extensive Information Security leadership experience including secure code development processes

•          Industry experience is open and may include healthcare IT, hospital/healthcare, financial services, aerospace, automotive, etc.; medical device experience is not required; global experience is preferred but not required

•          Knowledge of HIPAA, federal and international regulations on medical device security, transactions and security Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient data

•          Proven ability to make sound decisions, build realistic plans, and manage and drive execution, including creating and implementing resource deployment strategies; demonstrated organization, facilitation, written and oral communication, and presentation skills

•          Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals

•          Clear understanding of development operations and build pipelines, tools and solutions

•          Demonstrated skills in verbal communication and listening

•          Demonstrated skills in providing excellent service to customers; excellent writing skills

•          A high level of integrity and trust

#LI-JR1

We understand compensation is an important factor as you consider the next step in your career. At Baxter, we are committed to equitable pay for all our employees, and we strive to be more transparent with our pay practices. The estimated base salary for this position is $184,000 - $253,000 annually. The estimated range is meant to reflect an anticipated salary range for the position. We may pay more or less than the anticipated range based upon market data and other factors, all of which are subject to change. Individual pay is based upon location, skills and expertise, experience, and other relevant factors. This position may also be eligible for discretionary bonuses and/or long-term incentive. For questions about this, our pay philosophy, and available benefits, please speak to the recruiter if you decide to apply and are selected for an interview.

US Benefits at Baxter (except for Puerto Rico)

This is where your well-being matters. Baxter offers comprehensive compensation and benefits packages for eligible roles. Our health and well-being benefits include medical and dental coverage that start on day one, as well as insurance coverage for basic life, accident, short-term and long-term disability, and business travel accident insurance. Financial and retirement benefits include the Employee Stock Purchase Plan (ESPP), with the ability to purchase company stock at a discount, and the 401(k) Retirement Savings Plan (RSP), with options for employee contributions and company matching. We also offer Flexible Spending Accounts, educational assistance programs, and time-off benefits such as paid holidays, paid time off ranging from 20 to 35 days based on length of service, family and medical leaves of absence, and paid parental leave. Additional benefits include commuting benefits, the Employee Discount Program, the Employee Assistance Program (EAP), and childcare benefits. Join us and enjoy the competitive compensation and benefits we offer to our employees. For additional information regarding Baxter US Benefits, please speak with your recruiter or visit our Benefits site: Benefits | Baxter

Igualdad de Oportunidades de Empleo (IOE)

Baxter es una empresa que ofrece igualdad de oportunidades. Baxter evalúa a los solicitantes calificados sin tener en cuenta raza, color, religión, género, nacionalidad, edad, orientación sexual, identidad o expresión de género, condición de veterano protegido, condición de discapacidad/hándicap o cualquier otra característica legalmente protegida.

Conozca sus derechos: La discriminación en el lugar de trabajo es ilegal

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the link here and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our Recruitment Fraud Notice.