Sr. Manager Product Security

About The Position

Requirements

• BA/BS or higher in Information Security, Risk or IT Management, Computer Science, or related field; or equivalent experience.
• 10 to 12 years of Overall Cybersecurity/ Product security experience.
• Understanding of product security and the relationship between threat, vulnerability and potential customer risk in the context of risk management
• Familiarity with FDA cybersecurity guidelines for Abbott's products
• Knowledge of national and international regulatory compliances and frameworks such as NIST Cybersecurity Framework, ISO 27001, EU DPD, HIPAA/HITECH
• Requires strong analytical skills, business intelligence, effective communication, interpersonal skills, organizational intelligence, relationship management, the ability to make meaningful decisions based on sound judgement, and the ability to work effectively with a variety of roles from Executive Management to Security Analysts.

Nice To Haves

• Certifications such as CISA, CISM, CRISC, CISSP, CPP or CFE are preferred.

Responsibilities

• Provide leadership in the development and execution of a product cyber security strategy for the division, including aligning with business strategies and priorities, gaining executive approval and support, and overseeing successful execution
• Facilitate divisional compliance with applicable Corporate and Divisional Policies. Provide input to Product Security policies. Establish and maintain required Product Security Procedures.
• Collaborate with product teams to create and maintain a secure product development lifecycle processes to ensure that security requirements/controls can be embedded within the product development process.
• Oversee cross-functional activities that help the product teams build safe and secure products that are compliant with industry regulation and meeting customer and patient security/safety expectations.
• Collaborate with R&D teams to review medical device/product security risk assessments and mitigation plans.
• Maintain positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.
• Collaborate with R&D teams and corporate cybersecurity teams on the Post Market Vulnerability Management Program for Medical Devices supporting identification and analysis of known and newly found vulnerabilities to determine their operational and security impact. Provide recommendations for remediation or mitigating strategies.
• Support Product Security tabletop exercises and incident response processes
• Oversee responses to customer inquiries related to security and privacy of our products; coordinate Abbott personnel to accurately, efficiently, and consistently respond to inquiries
• Lead the Product Security Compliance Program to develop and maintain security certifications such as SOC2, ISO27001and other regional certifications for products. Must be able to weigh business needs against security concerns and articulate issues to management.
• Reporting of security related metrics to Division and Corporate Management.
• Lead the development of ongoing product security communications, training and awareness program tailored to the evolving needs of the business and specific requirements of various user groups including customers.
• Manage capital and operational expense budgets to ensure accurate forecasting and administration.
• Develop and execute strategies which develop individual team member skills and abilities.

Benefits

• Career development with an international company where you can grow the career you dream of.
• Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year.
• An excellent retirement savings plan with a high employer contribution
• Tuition reimbursement, the Freedom 2 Save student debt program, and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.
• A company recognized as a great place to work in dozens of countries worldwide and named one of the most admired companies in the world by Fortune.
• A company that is recognized as one of the best big companies to work for as well as the best place to work for diversity, working mothers, female executives, and scientists.