Sr Cybersecurity Lead- CRA
Provide technical expertise and assist in identifying known and unknown vulnerabilities associated with Baxter Medical Devices. Scope will encompass both new and sustaining products, providing inputs and technical expertise to multiple teams to eliminate or mitigate identified cybersecurity risks. Assist in establishing Risk Analysis processes for Medical Devices and execution of Risk Advisory process
- Contribute into a development, management and execution of Cybersecurity Risk Analysis service for Medical Devices across global franchise teams and product development life cycle
- Advise in selection of tools, equipment, methodology, report templates for the Risk Analysis service
- Coordinate R&D capabilities for security vulnerability discovery and penetration testing across multiple products.
- Perform QA reviews on Risk Analysis reports for various products.
- Act as a lead in Risk Assessments with focus on identifying known and unknown vulnerabilities utilizing different assessment techniques, such as reverse engineering, network enumeration, fuzzing, disassembling and decompiling, etc..
- Assist and guide mitigation strategies for identified vulnerabilities across all product lines
- Contribute into a development and assist in maintenance of Medical Device Cybersecurity Risk Rating Methodology
- Contribute into a development and execution of Cybersecurity Risk Advisory process for Baxter Medical Devices.
- Assist in Secure Coding development / review process
- Advice and mentor the development of junior staff members, provide guidance in self-learning activities.
- Understand and ensure compliance with all current and applicable laws, regulations, and guidance’s from US and EU that affect Medical Device Cybersecurity.
- Ability to work effectively in a team environment.
- Maturity to accept direction, confidence to give direction.
- Creativity in addressing technical challenges.
- Technical expertise and/or breadth in one or more systems environments and strategic technologies.
- Ability to understand and assist in evolution and/or integration of Baxter applications.
- Strong oral and presentation skills
- Proven record to deliver results
- Experience in the following: computer architecture, operating systems, imbedded systems design, inter and inner process communications, networking protocols and their related implementations.
- Experience with and understanding of compiled and interpreted programs and the types of security issues possible in each; database systems, web servers, application servers, firewalls, routers, load balancers, switches, and different types of middleware; x86 assembly.
- Experience with debuggers and disassemblers; malware analysis through reverse engineering, protocol analysis, and log analysis; intrusion analysis through reverse engineering, log analysis, forensic disk examination, and system review.
- Experience with source code reviews (at least c/c++ and java) for security vulnerabilities.
- Experience with reverse engineering binaries (at least x86) for security vulnerabilities.
Equal Employment Opportunity
Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.
Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please send an email to Corporate_Staffing_Deerfield@baxter.com or call 877-229-4748 (877-BaxHR4U) and let us know the nature of your request along with your contact information.
Company Type: Public Company
Company Size: 10,001+