Sr. Manager Product Security - Edwards Lifesciences LLC Irvine, CA, USA Bookmark Share Print 119 1 0

Listing Description

Edwards Lifesciences is looking for a technical cyber security leader who will report directly to the global head of cyber security at Edwards. The primary function for the Sr. Manager, Product Security will be to drive the evolution of the medical device product security program for our connected devices division. The secondary responsibilities will include leading one or more key technical cyber security domains like Advisory & Assurance, GRC, Cyber Solutions and Incident detection, response and investigation. As a primary responsibility to support product security lifecycle you will help support and execute various phases of security development lifecycle for connected medical devices that entails security and compliance considerations. This role requires prior experience in the medical device security space helping drive implementation of FDA recommended security frameworks like NIST Cyber security framework into the product lifecycle, supporting FDA pre-market 510K submissions and implementation of standards related to ISO27001 and ISO 80001. As the program evolves, the role may have immediate, or in short term, responsibilities to hire, mentor and lead seasoned security professionals both in IoT and Medical device security space.

Responsibilities:

• SME in medical device security space along with experience with FDA guidelines and regulations, and creating 510(k) submissions.

• Understand key business processes at Edwards and their characteristics with a view to incorporating security guidance that enables the business operations.

• Support medical device division in all phases pre-market, post market and maintenance phases.

• Lead a team of cyber security professionals responsible for providing technical and people leadership.

• Design processes and governance structure around medical device product lifecycle and cyber security solutions.

• Help develop, maintain and execute a multi-year security roadmaps.

• Use cyber security frameworks to standardize cyber security function for their development and delivery.

• Act as a SME Security Advisor for key IT, product and business initiatives.

• Present to executive audience the most complex security concepts in a business friendly language.

• SME in security architecture concepts and methodology that drives key enterprise IT and product lifecycles.

• Stay abreast with the cyber security threat and solution landscape to bring innovative solutions that significantly improve Edwards products security posture.

• Implement cyber processes and tools with strong focus on Automation and Cloud first approach.

• Present at security conferences representing Edwards both in enterprise IT and medical device security concepts.

#LI-LP1

Requirements:

• A minimum of 10 years of cyber security experience with a master’s degree, or 12 years of experience with a bachelor’s degree, leading and executing enterprise scoped security projects in at least 3 or more of the following domains: platform security, application security, network security, infrastructure, cloud security, data security and identity and access management.

• 3+ years of experience working as a team lead or a manager responsible for providing technical and/or people leadership.

• SME in at least 3 of the following domains, with medical device security being the primary: platform security, network security, application security, data security, cloud security, and embedded device security.

• Prior experience in design/build/execution of a medical device program is a must, along with strong familiarity working with FDA guidelines specific to medical devices.

• Strong knowledge in the standards space and experience implementing ISO27001, ISO80001 frameworks.

• Experience creating risk based control frameworks to evaluate patient safety impacts and severity of risks

• Experience performing threat modeling, security assessments a huge plus especially in the embedded systems space

• Ability to collaborate in a very fast paced environment.

• Expert knowledge in industry standard security frameworks like NIST, OWASP, ISO etc.

• Excellent written and verbal communication skills, with experience presenting to executive audience.

About Edwards

Edwards Lifesciences is the global leader in patient-focused medical innovations for structural heart disease, as well as critical care and surgical monitoring. Driven by a passion to help patients, the company collaborates with the world's leading clinicians and researchers to address unmet healthcare needs, working to improve patient outcomes and enhance lives. Headquartered in Irvine, California, Edwards Lifesciences has extensive operations in North America, Europe, Japan, Latin America and Asia and currently employs over 10,000 individuals worldwide.

For us, helping patients is not a slogan - it's our life's work. From developing devices that replace or repair a diseased heart valve to creating new technologies that monitor vital signs in the critical care setting, we focus on helping patients regain and improve the quality of their life. Edwards is an Equal Opportunity/Affirmative Action employer including Minorities, Females, Protected Veterans, and Individuals with Disabilities.Responsibilities: