Sr Principal Eng, Cybersecurity

1 month ago

Bengaluru, India Baxter Full time

This is where you save and sustain lives

At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You'll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.

Baxter's products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.

Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.

Join us at the intersection of saving and sustaining lives—where your purpose accelerates our mission.

About Baxter

Baxter Healthcare’s mission is to save and sustain lives by delivering products and services that are the essential building blocks of healthcare. Also important to Baxter is ensuring the safety and security of its medical devices. Baxter is seeking a Medical Device Cybersecurity Engineer, whose primary responsibility is to ensure the safety and security of the global corporation's medical devices, products, and applications. The candidate will perform state of the art medical device cybersecurity pre-market threat analysis and risk assessment. The candidate will help ensure that cybersecurity is an integral component throughout product development.

The candidate must have an excellent combination of software development skills and knowledge in security principles to prioritize the functional/technical aspects of the solution, and then help the product teams to execute the implementation.

This role will work with a team of engineers, architects, and analysts across multiple organizations, supporting cybersecurity feature prototyping, threat analysis, and penetration test finding/vulnerability assessment.

Role Description:

· Accountable for defining and implementing the Cybersecurity strategy across Digital Health Platforms.

· Provide leadership, strategic guidance and cross functionally collaborate with GBUs to architect, design and develop the software security features for multiple products and platforms.

· Implement innovative security solutions for platforms and/or server platforms.

· Lead implementation of medical device cybersecurity functionalities that are part of an overall security architecture, including common security protocol stacks such as IPsec, TLS, OAuth, and SAML.

· Leading day-to-day security assessments and mitigations addressing product development for security by design in R&D, Privacy by Design, Threat-Modeling, Security Risk Assessments, Vulnerability Scanning, Penetration Testing, Security Whitepaper, MDS2 and SBOM Publishing

· Ensures the confidentiality, integrity, and availability of digital data

· Assess security findings from various sources. This includes Static Code Analysis and Penetration Testing.

· Identify known/unknown vulnerabilities associated with Baxter’s medical devices and provide inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.

· Develop security tools that help to collect cyber threat intelligence, track emerging vulnerabilities in software, and enforce secure coding standards.

· Support medical device cybersecurity certification programs such as UL 2900.

· Perform internal security tests to validate security capabilities and compliance for medical devices.

· Work with internal or external resources to plan and execute Security Activities (like Penetration Testing, SOC2 audits) on various products.

· Manage relationship with strategic partners in this space to ensure Baxter development process with respect to Cybersecurity, is industry leading, Top Quartile.

· Interface with ministries of health, and certifying bodies to represent the company and devices in threat analysis, certification, and notifications

Minimum Requirements/Experience

· Bachelor's Degree Computer Science or an equivalent with 11+ years of demonstrated product security experience in industry- healthcare, medical device preferred. Master’s degree in technology management or similar preferred.

· Familiarity with the development of medical products and importance of protecting PII/PHI and IP data.

· Understanding of software components and associated security risks and how to mitigate risks to drive state of the art medical solutions.

· Certification in security such as CAP, CCSP, or equivalent preferred.

· Keen attention to detail, critical thinking, analytical abilities and abilities to work independently.

· Proven interpersonal and communication (verbal, written, presentation) skills.

· Proven understanding of application security throughout the Software Development Lifecycle (SDLC).

· Experience in addressing OWASP Top 10 vulnerabilities.

· Experience with some or all of the following: NIST 800-53, AMII TIR57, FDA Pre-Post Market Guidance, DoD RMF/ATO, SOC2, HiTrust, EU-MDR GDPR guidelines.

· Proven ability to work closely with Cross-Functional teams such as R&D, Regulatory, Quality, Marketing, Legal to ensure compliance and appropriate mitigation of security risks for medical products.

· Working knowledge in Operating Systems such as Linux, container orchestration frameworks such as Kubernetes, Cloud environments such as AWS or Azure, Azure Lakehouse etc.

· Knowledge of threat modeling tools like Microsoft Stride, malware analysis, digital forensics

· Some knowledge in cybersecurity standards such as NIST 800-53, ISO 27001, and FIPS 140-2 is preferred.

· Experience or strong interest in IoT (Internet of Things) device development, application development

At Baxter, we offer a dynamic and future focused work environment offering workplace flexibility, additional annual leave and a strong value driven culture.
Baxter is committed to supporting the needs for flexibility in the workplace. We do so through our flexible workplace policy which includes a minimum of 3 days a week onsite. This policy provides the benefits of connecting and collaborating in-person in support of our Mission

  • Principal Eng, Cybersecurity

    1 week ago

    Bengaluru, Karnataka, India Scalene works Full time

    As Sr Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria with minimal...

  • Principal Eng, Cybersecurity

    3 days ago

    Bengaluru, India Scalene works Full time

    Description As Sr Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria...

  • Principal Eng, Cybersecurity

    1 week ago

    Bengaluru, Karnataka, India Scalene works Full time

    As Sr Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria with minimal...

  • Sr Principal Eng, Cybersecurity

    1 week ago

    Bengaluru, Karnataka, India Baxter Full time

    This is where lives are saved and sustainedAt Baxter, our mission unites us all. Regardless of your role, your contributions positively impact individuals worldwide. Throughout the organization, you'll sense a meaningful purpose as our efforts enhance the lives of countless patients.Baxter's innovative products and therapies are prevalent in hospitals,...

  • Senior Principal Cybersecurity Consultant

    1 day ago

    Bengaluru, India CYFIRMA Full time

    CYFIRMA is the fastest-growing cybersecurity start-up delivering a complete near real-time view of external cyber threats and risks. We are an external threat landscape management platform company. We combine cyber intelligence with attack surface discovery and digital risk protection to deliver an early warning, personalized, contextual, outside-in, and...

  • Senior Principal Cybersecurity Consultant

    1 week ago

    Bengaluru, India CYFIRMA Full time

    CYFIRMA is the fastest-growing cybersecurity start-up delivering a complete near real-time view of external cyber threats and risks. We are an external threat landscape management platform company. We combine cyber intelligence with attack surface discovery and digital risk protection to deliver an early warning, personalized, contextual, outside-in, and...

  • Senior Principal Cybersecurity Consultant

    1 week ago

    Bengaluru, Karnataka, India CYFIRMA Full time

    CYFIRMA is the fastest-growing cybersecurity start-up delivering a complete near real-time view of external cyber threats and risks. We are an external threat landscape management platform company. We combine cyber intelligence with attack surface discovery and digital risk protection to deliver an early warning, personalized, contextual, outside-in, and...

  • Senior Principal Cybersecurity Consultant

    5 days ago

    Bengaluru, India CYFIRMA Full time

    CYFIRMA is the fastest-growing cybersecurity start-up delivering a complete near real-time view of external cyber threats and risks. We are an external threat landscape management platform company. We combine cyber intelligence with attack surface discovery and digital risk protection to deliver an early warning, personalized, contextual, outside-in, and...

  • Cybersecurity Senior Risk Analyst

    7 hours ago

    Bengaluru, India The Nielsen Company Full time

    The Cybersecurity Sr. Risk Analyst will be a member of the Global Cybersecurity department reporting to the Cybersecurity Performance Management team and is primarily responsible for assisting with the execution and remediation of cybersecurity assessments related to any of our decentralized infrastructure organizations not completely integrated into central...

  • Principal Eng, Mechanical

    2 months ago

    Bengaluru, Karnataka, India BAXTER Full time

    **Vantive: A New Company Built On Our Legacy** Baxter is on a journey to spin off our ~$5B Kidney Care segment into a standalone company. Vantive* will build on our nearly 70-year legacy in acute therapies and home and in-center dialysis to provide best-in-class care to the people we serve. We believe Vantive will not only build our leadership in the kidney...

  • Principal Eng, Mechanical

    2 days ago

    Bengaluru, Karnataka, India BAXTER Full time

    **Vantive: A New Company Built On Our Legacy** Baxter is on a journey to spin off our ~$5B Kidney Care segment into a standalone company. Vantive* will build on our nearly 70-year legacy in acute therapies and home and in-center dialysis to provide best-in-class care to the people we serve. We believe Vantive will not only build our leadership in the kidney...

  • Principal Eng, Containers

    1 week ago

    Bengaluru, Karnataka, India Baxter Full time

    Vantive: A New Company Built On Our Legacy Baxter is on a journey to separate our ~$5B Kidney Care segment into a standalone company. Vantive* will build on our nearly 70-year legacy in acute therapies and home and in-center dialysis to provide best-in-class care to the people we serve. We believe Vantive will not only build our leadership in the kidney...

  • Principal Eng, Containers

    3 weeks ago

    Bengaluru, Karnataka, India BAXTER Full time

    **Vantive: A New Company Built On Our Legacy** Baxter is on a journey to separate our ~$5B Kidney Care segment into a standalone company. Vantive* will build on our nearly 70-year legacy in acute therapies and home and in-center dialysis to provide best-in-class care to the people we serve. We believe Vantive will not only build our leadership in the kidney...

  • Principal Eng, Containers

    2 days ago

    Bengaluru, Karnataka, India BAXTER Full time

    **Vantive: A New Company Built On Our Legacy** Baxter is on a journey to separate our ~$5B Kidney Care segment into a standalone company. Vantive* will build on our nearly 70-year legacy in acute therapies and home and in-center dialysis to provide best-in-class care to the people we serve. We believe Vantive will not only build our leadership in the kidney...

  • Principal Eng, Containers

    1 week ago

    Bengaluru, Karnataka, India BAXTER Full time

    Vantive: A New Company Built On Our LegacyBaxter is on a journey to separate our ~$5B Kidney Care segment into a standalone company. Vantive* will build on our nearly 70-year legacy in acute therapies and home and in-center dialysis to provide best-in-class care to the people we serve. We believe Vantive will not only build our leadership in the kidney care...

  • Principal Product Cybersecurity Architect

    3 weeks ago

    Bengaluru, India Johnson Controls Full time

    What you will doThe future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make...

  • Principal Product Cybersecurity Architect

    1 month ago

    Bengaluru, India Johnson Controls Full time

    What you will do The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that...

  • Principal Product Cybersecurity Architect

    3 weeks ago

    Bengaluru, India Johnson Controls Full time

    What you will do The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that...

  • Principal Product Cybersecurity Architect

    1 week ago

    Bengaluru, Karnataka, India Johnson Controls Full time

    What you will do The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that...

  • Principal Product Cybersecurity Architect

    4 weeks ago

    Bengaluru, India Johnson Controls International Full time

    What you will doThe future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable.  We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make...