Director of Product Security Architecture and DevSecOps

As Baxter continues its journey to Advance Connected Care, the security and management of customer-generated data will be a significant priority. As the Director of Product Security Architecture and DevSecOps, you will be responsible for leading the organization and execution of medical product security by design development and software engineering related activities to architect and design preventative security development workflows and solutions. This includes developing and fostering strategic partnerships for the ongoing maintenance of operating systems used in Baxter products, working with global software teams to adopt best practices and common tools for incorporating regular updates. Main responsibilities: • Strategic Leadership: Provide vision and leadership in the development and execution of product security strategies in alignment with the business strategy. • Product Development & Software Engineering: Oversee the organization and execution of product development operations and software engineering efforts, with a focus on architecting and designing preventative security solutions. • Strategic Partnerships: Develop and maintain strategic partnerships around the ongoing maintenance of operating systems to ensure products remain secure against future cyber threats. • Security Program Development: Lead the development and daily operations of the development operations aspects of the security program to ensure the security of connected devices. • Risk Management: Work with cross-functional team members to establish and/or enhance ongoing preventative risk assessment processes for Baxter connected devices. • DevSecOps – Build solid platform and DevOps intelligent designs to ensure security by design standards for build pipelines, that drive security standardization and reduce risk through process and solutions. Execute and implement across all segments within Baxter. • Develop, maintain, and support shared service capabilities such as security testing, vulnerability management, training, coordinated vulnerability disclosure, incident response, and customer communications. • Oversee the development and implementation of the product security and privacy roadmap. • Drive DevSecOps strategies and solutions utilizing security risks to consolidate and align development operations platforms, processes, and solutions. • Develop and execute strategies for external presence and participation in industry groups, conferences, and thought leadership activities. • Build and motivate teams with complementary subject matter knowledge across all responsible capability areas. • Define resource planning and management plans to support short and long-term objectives and execute business processes to gain approval and execute resource plans. • Oversee internal communications on the product security and privacy program, including product security and privacy plans, implementation, issues, and external communications regarding program and product vulnerabilities. • Work with leadership of stakeholder groups as a change agent to define and implement preventative product security practices. • Provide professional development opportunities for staff to grow and develop expertise across required capability areas. • Build a risk-aware product security and privacy culture through education and awareness. • Serve as a subject matter resource for key BGPS areas of responsibility. • Ensure operating mechanisms and metrics of program implementation activities are measurable and reviewed using appropriate management review processes.