BD
Director, Product Security - STS & Secure Environments
BD, San Diego, California, United States, 92189
Overview
Director, Product Security - STS & Secure Environments
is a leadership role within BD. The Product Security Office (PSO) ensures product security risks for BD’s software-based products and solutions are managed over their lifecycle. In the PSO, we offer flexibility so you can balance your work and personal responsibilities. The Director, Product Security is responsible for BD’s product security posture for products in the Software Technology Solutions (STS) organization—BD’s global software innovation engine that enables smart connectivity for connected and cloud-based solutions over their lifecycle. Reporting to the VP, R&D, Product Security, this role will also drive the adoption and execution of Secure SW Environments to help BUs deliver best-in-class secure products, consistent with global regulatory requirements over the lifecycle. This role works in close partnership with R&D, Enterprise Security, Technology & Global Services, Quality, Regulatory Affairs, Legal, business leaders and functional authorities at corporate, regional, and business-unit (BU) levels to collaboratively advance strategic priorities and promote agile management of the opportunities within BD. They shall partner with various stakeholders to drive security strategies into annual strategic plans, as appropriate. The successful candidate will direct a team of product security resources while influencing and partnering with R&D teams to develop and implement product security plans over the full product lifecycle, including innovation, new product development and sustaining engineering that will meet the expectation of customers and product regulators (e.g., US CDRH, EU Notified Bodies, global MOHs etc.) will be hands on when required but is additionally responsible to develop strong leaders in their team with capabilities that align to the strategy and transform supported platforms and business units to maintain outstanding performance. Role Responsibilities
Leadership & Management: Build and lead a high performing team to manage multiple projects and programs, providing strategic planning and direction for the platform. Develop product security resources’ leadership skills. Lead and develop product security resources skills in program management and cross functional collaboration with stakeholders. Technology Leadership: Provide strategic guidance on architecture reviews, threat models, implementing security technologies, overseeing security risk assessments and capability maturity. Provide leadership and guidance to product security resources on critical Product Security issues, tactical alignment, and pivotal initiatives. Align the STS organization around common benchmarks and goals for BD’s enterprise - wide Product Security posture, assessing progress towards these goals while driving improvement. Operational Management: Oversee budgeting, resource allocation, and process improvement to ensure efficient and effective security engineering operations. Cross Functional Collaboration: Lead the adoption of product security framework activities, consistent with applicable global regulations and laws in partnership with other cross functional teams. Oversee delivery of all required product security quality and regulatory documentation associated with product launches in STS. Champion initiatives such as demonstrating innovative product security processes & technologies or end of support for legacy platforms. Enable End-to-End Lifecycle Management of products in partnership with R&D, PMO, Quality, Regulatory & Enterprise Security. Stakeholder Management: Develop trust and confidence of company leaders. Serve as internal security consultant to the organization. Articulate high-level risks and mitigation plans to Senior Management. Communicate effectively to ensure alignment with business goals and technical feasibility. Engaging BD leadership, customers, federal and international agencies when issues occur as well as speaking in public forums and managing customers and external partnerships where applicable. Secure SW Environments Leadership: responsible for establishing, maintaining and implementing standards and strategies for Secure SW Environments across BD, partnering with the Enterprise Security Team and Technology & Global Services. Performance Metrics: Be accountable for key performance metrics and drive continuous improvement initiatives. May perform other duties as required. Qualifications
Undergraduate or Graduate degree in cybersecurity, computer science, software engineering or/and technical engineering or scientific field is required, advanced business or technical degree preferred Ten (10)+ years professional business experience Five (5)+ years leading teams and people Three (3)+ years in a Product Security and/or Application Development Security function in a regulated environment Leading teams that interface with a large complex ecosystem of data intensive products and diverse stakeholders Familiarity with Agile methodologies (e.g., Scrum, Kanban) and frameworks (SAFe). Knowledge, Skills, And Abilities Requirements
Ability to communicate sophisticated technical challenges in a non-technical and simplified manner to business audience Ability to align and connect business strategies with technology solutions that will mitigate risk Solid understanding of the medical device and healthcare IT space Advanced analytical and problem-solving skills Excellent presentation and communication skills including engaging with and presenting to senior leadership team Strong collaboration skills, including conflict resolution Strong communication skills to effectively drive technical and business discussions Ability to lead execution on multiple concurrent efforts Focused “results” orientation. Clearly able to distinguish efforts from results. Highly motivated, execution-focused attitude Technical Skillset Requirements
Strong understanding of a wide variety of cybersecurity attacks, threats, threat analysis, ethical hacking and system auditing coupled with experience with incident management Experience with connected products, software development lifecycle, security automation, risk mitigation strategies, incident response, and supply chain security are preferred Experience in cloud technologies (Azure, AWS) Experience in healthcare interoperability or remote device management Experience navigating and driving product cybersecurity requirements with 510(k) and PMA-regulated products preferred Certifications such as CCNA, CCIE, CISSP, CISM, GIAC, MCSE, CCSP or equivalent, CEH are preferred Relocation Assistance
Relocation Assistance: may be available for this position subject to Company Policy. All candidates are welcome to apply and will be evaluated equally. This role is ideally suited for candidates able to work with colleagues on the US Pacific Time Zone. For certain roles at BD, employment is contingent upon the Company’s receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, testing for COVID-19 may be available and/or required. Consistent with BD’s Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law. Why Join Us?
A career at BD means being part of a team that values your opinions and contributions and that encourages you to bring your authentic self to work. It’s also a place where we help each other be great, we do what’s right, we hold each other accountable, and learn and improve every day. To learn more about BD visit https://bd.com/careers Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status. Salary Range Information
$179,200.00 - $322,500.00 USD Annual Seniority level
Not Applicable Employment type
Full-time Industries
Biotechnology Research, Medical Equipment Manufacturing, and Research Services
#J-18808-Ljbffr
Director, Product Security - STS & Secure Environments
is a leadership role within BD. The Product Security Office (PSO) ensures product security risks for BD’s software-based products and solutions are managed over their lifecycle. In the PSO, we offer flexibility so you can balance your work and personal responsibilities. The Director, Product Security is responsible for BD’s product security posture for products in the Software Technology Solutions (STS) organization—BD’s global software innovation engine that enables smart connectivity for connected and cloud-based solutions over their lifecycle. Reporting to the VP, R&D, Product Security, this role will also drive the adoption and execution of Secure SW Environments to help BUs deliver best-in-class secure products, consistent with global regulatory requirements over the lifecycle. This role works in close partnership with R&D, Enterprise Security, Technology & Global Services, Quality, Regulatory Affairs, Legal, business leaders and functional authorities at corporate, regional, and business-unit (BU) levels to collaboratively advance strategic priorities and promote agile management of the opportunities within BD. They shall partner with various stakeholders to drive security strategies into annual strategic plans, as appropriate. The successful candidate will direct a team of product security resources while influencing and partnering with R&D teams to develop and implement product security plans over the full product lifecycle, including innovation, new product development and sustaining engineering that will meet the expectation of customers and product regulators (e.g., US CDRH, EU Notified Bodies, global MOHs etc.) will be hands on when required but is additionally responsible to develop strong leaders in their team with capabilities that align to the strategy and transform supported platforms and business units to maintain outstanding performance. Role Responsibilities
Leadership & Management: Build and lead a high performing team to manage multiple projects and programs, providing strategic planning and direction for the platform. Develop product security resources’ leadership skills. Lead and develop product security resources skills in program management and cross functional collaboration with stakeholders. Technology Leadership: Provide strategic guidance on architecture reviews, threat models, implementing security technologies, overseeing security risk assessments and capability maturity. Provide leadership and guidance to product security resources on critical Product Security issues, tactical alignment, and pivotal initiatives. Align the STS organization around common benchmarks and goals for BD’s enterprise - wide Product Security posture, assessing progress towards these goals while driving improvement. Operational Management: Oversee budgeting, resource allocation, and process improvement to ensure efficient and effective security engineering operations. Cross Functional Collaboration: Lead the adoption of product security framework activities, consistent with applicable global regulations and laws in partnership with other cross functional teams. Oversee delivery of all required product security quality and regulatory documentation associated with product launches in STS. Champion initiatives such as demonstrating innovative product security processes & technologies or end of support for legacy platforms. Enable End-to-End Lifecycle Management of products in partnership with R&D, PMO, Quality, Regulatory & Enterprise Security. Stakeholder Management: Develop trust and confidence of company leaders. Serve as internal security consultant to the organization. Articulate high-level risks and mitigation plans to Senior Management. Communicate effectively to ensure alignment with business goals and technical feasibility. Engaging BD leadership, customers, federal and international agencies when issues occur as well as speaking in public forums and managing customers and external partnerships where applicable. Secure SW Environments Leadership: responsible for establishing, maintaining and implementing standards and strategies for Secure SW Environments across BD, partnering with the Enterprise Security Team and Technology & Global Services. Performance Metrics: Be accountable for key performance metrics and drive continuous improvement initiatives. May perform other duties as required. Qualifications
Undergraduate or Graduate degree in cybersecurity, computer science, software engineering or/and technical engineering or scientific field is required, advanced business or technical degree preferred Ten (10)+ years professional business experience Five (5)+ years leading teams and people Three (3)+ years in a Product Security and/or Application Development Security function in a regulated environment Leading teams that interface with a large complex ecosystem of data intensive products and diverse stakeholders Familiarity with Agile methodologies (e.g., Scrum, Kanban) and frameworks (SAFe). Knowledge, Skills, And Abilities Requirements
Ability to communicate sophisticated technical challenges in a non-technical and simplified manner to business audience Ability to align and connect business strategies with technology solutions that will mitigate risk Solid understanding of the medical device and healthcare IT space Advanced analytical and problem-solving skills Excellent presentation and communication skills including engaging with and presenting to senior leadership team Strong collaboration skills, including conflict resolution Strong communication skills to effectively drive technical and business discussions Ability to lead execution on multiple concurrent efforts Focused “results” orientation. Clearly able to distinguish efforts from results. Highly motivated, execution-focused attitude Technical Skillset Requirements
Strong understanding of a wide variety of cybersecurity attacks, threats, threat analysis, ethical hacking and system auditing coupled with experience with incident management Experience with connected products, software development lifecycle, security automation, risk mitigation strategies, incident response, and supply chain security are preferred Experience in cloud technologies (Azure, AWS) Experience in healthcare interoperability or remote device management Experience navigating and driving product cybersecurity requirements with 510(k) and PMA-regulated products preferred Certifications such as CCNA, CCIE, CISSP, CISM, GIAC, MCSE, CCSP or equivalent, CEH are preferred Relocation Assistance
Relocation Assistance: may be available for this position subject to Company Policy. All candidates are welcome to apply and will be evaluated equally. This role is ideally suited for candidates able to work with colleagues on the US Pacific Time Zone. For certain roles at BD, employment is contingent upon the Company’s receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, testing for COVID-19 may be available and/or required. Consistent with BD’s Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law. Why Join Us?
A career at BD means being part of a team that values your opinions and contributions and that encourages you to bring your authentic self to work. It’s also a place where we help each other be great, we do what’s right, we hold each other accountable, and learn and improve every day. To learn more about BD visit https://bd.com/careers Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status. Salary Range Information
$179,200.00 - $322,500.00 USD Annual Seniority level
Not Applicable Employment type
Full-time Industries
Biotechnology Research, Medical Equipment Manufacturing, and Research Services
#J-18808-Ljbffr