Sr Manager - Product Security

We are the makers of possible

BD is one of the largest global medical technology companies in the world. Advancing the world of health is our Purpose, and its no small feat. It takes the imagination and passion of all of usfrom design and engineering to the manufacturing and marketing of our billions of MedTech products per yearto look at the impossible and find transformative solutions that turn dreams into possibilities.

We believe that the human element, across our global teams, is what allows us to continually evolve. Join us and discover an environment in which youll be supported to learn, grow and become your best self. Become a maker of possible with us.

Excited to grow your career?

We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply!

Our people make all the difference in our success.

The Product Security Office (PSO), is committed to managing product security risks throughout the entire product lifecycle, ensuring our innovations make a meaningful impact on patients and customers. We foster a flexible work environment that supports a healthy balance between professional and personal life. Our culture is built on servant leadership, where your growth, recognition, and authenticity are valued every day.

Driven by a passion for improving patient outcomes, we empower our R&D teams to develop secure, cutting-edge solutions. If you bring a growth mindset and a desire to learn, lead, and make a difference, PSO is the place for you to thrive as a product security leader and help BD advance the world of health in ways you may never have imagined.

The Senior Technical Manager is responsible for ensuring the latest security requirements and expectations are met for BD Advanced Patient Monitorings portfolio of products. Reporting to the Senior Product Security Director, this individual will help the PSO provide guidance to successfully deliver best-in-class secure products, consistent with global regulatory requirements over the lifecycle.

This role works in partnership with R&D, Enterprise Security, Quality, Regulatory Affairs, and leaders at corporate, regional, and business-unit (BU) levels to collaboratively advance the compliance with latest security technical requirements and promote agile management of the opportunities within the business unit platform. They shall partner with the PSO Leadership on business strategy and plans to drive security strategies and investments into annual strategic plans, as appropriate.
The successful candidate will direct a team of product security resources and while influencing and partnering with R&D teams to develop and implement product security requirements over the full product lifecycle, including innovation, new product development and sustaining engineering that will meet the expectation of customers and product regulators (e.g., US CDRH, EU Notified Bodies, global MOHs etc.) This role will be hands on when required and is responsible for execution of product security projects and deliverables as part of product releases, as well as driving program activities (e.g., threat modeling, vulnerability scanning and remediation, risk assessment, incident response).

Role Responsibilities:

• Collaborate cross-functionally and geographically within the respective business to advance cybersecurity strategy and objectives within the portfolio.
• Technology Leadership: Offer mentorship and lead execution of security work including architecture analysis & reviews, threat assessment & modeling, implementing security technologies, security vulnerability analysis, SBOM creation and composition, security testing in an agile development environment, and security risk assessments for products and 3rd party solution providers. Provide mentorship and guidance to Product Security team members on critical security issues, tactical alignment, and pivotal initiatives.
• Project Leadership: Develop comprehensive project plans, including timelines, resources and breakthroughs, ensuring all activities align with project strategy and goals and monitor to mitigate risks while keeping the product security initiatives on track
• Risk Management, Quality & Compliance: Evaluate and contextualize vulnerabilities and security issues to determine applicability and actual risk given environmental conditions, mitigations and compensating controls, and make recommendations on priorities and acceptance. Assess overall product risk posture. Participate in delivery of all required product security quality and regulatory documentation associated with product launches.
• Operational Management: Ensure that security by design practices are implemented in the development of products and the associated SW environments.
• Cross Functional Collaboration: Work closely with R&D and product teams to evaluate security risk, solutions, and drive security remediations into product releases. Champion initiatives such as demonstrating innovative product security processes & technologies.
• Leadership & Management: Collaborate with or mentor a small team of Product Security Engineers where applicable. Work with cross functional teams and collaborators to ensure projects are meeting technical objectives and timelines.
• Partner Management: Communicate effectively to ensure alignment with business goals and technical feasibility. Engage in technical discussions with PSO and BD leadership as well as speaking in public forums where applicable. Enable development of Security Champions across the organization.

• Undergraduate or Graduate degree in cybersecurity, computer science, software engineering, or technical engineering/scientific field
• Minimum of 6 years in cybersecurity, product security, or security risk management
• Three (3)+ years in a Product Security and/or Application Development Security function in a regulated environment
• Experience implementing security design, development, validation, and compliance in a regulated environment
• Experience implementing and demonstrating compliance to security frameworks (NIST 800-53, IEC 81001-5, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2)
• Experience managing security teams and projects
• Competence in threat modeling software systems using industry standard methods
• Experience assessing security risks using industry standard methods
• Experience navigating and driving product cybersecurity requirements with 510(k) and PMA-regulated products
• Experience working with teams in a structured software development lifecycle process

• Experience with connected products, software development lifecycle, security automation, network technologies, and supply chain security
• Certifications such as CCNA, CCIE, CISSP, CISM, GIAC, MCSE, CCSP or equivalent, CEH
• Experience with agile methodology (preferred over other software development lifecycle processes)
• Demonstrated technical acumen and ability to effectively convey technical information to all levels
• Proven ability to operate cross-functionally to execute on business initiatives
• Demonstrated ability to translate strategies into objectives, tactics, and execution tasks
• Demonstrated ability to establish structure around ambiguous problems
• Strong collaboration skills, including conflict resolution
• Strong written and verbal communication skills

At BD, we prioritize on-site collaboration because we believe it fosters creativity, innovation, and effective problem-solving, which are essential in the fast-paced healthcare industry. For most roles, we require a minimum of 4 days of in-office presence per week to maintain our culture of excellence and ensure smooth operations, while also recognizing the importance of flexibility and work-life balance. Remote or field-based positions will have different workplace arrangements which will be indicated in the job posting.

For certain roles at BD, employment is contingent upon the Companys receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, testing for COVID-19 may be available and/or required. Consistent with BDs Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law.

Why Join Us?

A career at BD means being part of a team that values your opinions and contributions and that encourages you to bring your authentic self to work. Its also a place where we help each other be great, we do whats right, we hold each other accountable, and learn and improve every day.

To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of health. At BD, youll discover a culture in which you can learn, grow, and thrive. And find satisfaction in doing your part to make the world a better place.

To learn more about BD visithttps://bd.com/careers

Becton, Dickinson, and Company is an Equal Opportunity Employer. We evaluate applicants without regard to race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, and other legally-protected characteristics.

Required Skills

Optional Skills

.

At BD, we are strongly committed to investing in our associatestheir well-being and development, and in providing rewards and recognition opportunities that promote a performance-based culture. We demonstrate this commitment by offering a valuable, competitive package of compensation and benefits programs which you can learn more about on our Careers Site under Our Commitment to You.

Salaryor hourly rateranges have been implemented to reward associates fairly and competitively, as well as to support recognition of associates progress, ranging from entry level to experts in their field, and talent mobility. There are many factors, such as location, that contribute to the range displayed.The salaryor hourly rateoffered to a successful candidate is based on experience, education, skills, andany step rate pay system of the actualwork location, as applicable to the role or position.Salaryor hourly payranges may varyfor Field-based and Remote roles.

Salary Range Information