We are the people who give possibilities purpose

BD is one of the largest global medical technology companies in the world. Advancing the world of health™ is our Purpose, and it’s no small feat. It takes the imagination and passion of all of us—from design and engineering to the manufacturing and marketing of our billions of MedTech products per year—to look at the impossible and find transformative solutions that turn dreams into possibilities.

Job Description

We are the makers of possible 

BD is one of the largest global medical technology companies in the world. Advancing the world of health™ is our Purpose, and it’s no small feat. It takes the imagination and passion of all of us—from design and engineering to the manufacturing and marketing of our billions of MedTech products per year—to look at the impossible and find transformative solutions that turn dreams into possibilities. 

We believe that the human element, across our global teams, is what allows us to continually evolve. Join us and discover an environment in which you’ll be supported to learn, grow and become your best self. Become a maker of possible with us. 

The Associate Principal Cloud Security Architect leads our efforts in safeguarding modern cloud and artificial intelligence platforms. As organizations increasingly leveraemploychnologies within the cloud, the importance of robust security strategies has never been greater. This role is responsible for designing, implementing, and managing advanced security solutions that protect sensitive data, ensure regulatory compliance, and mitigate evolving cyber threats across our AI-driven cloud environments.

The ideal candidate will possess deep expertise in cloud security architectures, AI system vulnerabilities, and emerging cybersecurity trends. You will collaborate closely with engineering, product, and compliance teams to establish guidelines, conduct risk assessments, and drive the adoption of secure-by-design principles.

Role Responsibilities:

Collaborate with all levels and geographies within the STS organization and respective BUs to advance the product security strategy and objectives within the portfolio.

• Technology & Domain Leadership:

  • Architecting and supporting implementation of complex security controls across multi-cloud environments (e.g., Azure, AWS, GCP).

  • Define and implement Zero Trust principles, cloud security standards, and reference architectures.

  • Lead the design of secure landing zones, guardrails, and multi-cloud governance frameworks.

  • Partner with engineering teams to embed security into application and infrastructure designs.

  • Architect identity and access strategies across various cloud solutions

  • Design secure network architectures including segmentation, private connectivity, and cloud-native firewalls.

  • Conduct threat modeling, architecture reviews, and risk assessments of cloud-based infrastructure, applications, and services.

  • Drive continuous improvement of cloud security posture through automation and monitoring.

  • Reviewing cloud architecture and configurations to validate security posture and data protection.

  • Leading threat modeling, risk assessments, and vulnerability management for cloud-native services.

  • Administering cloud security testing, including penetration testing, misconfiguration audits, and incident simulations.

  • Collaborating with DevOps and engineering teams to embed security into CI/CD pipelines and cloud deployments.

  • Automate cloud security controls using Terraform, Python, PowerShell, and policy-as-code frameworks.

  • Driving remediation of security findings and ensuring alignment with regulatory and compliance frameworks.

  • Leading security reviews of cloud perimeter defenses (e.g., WAFs, cloud-native firewalls, DDoS protection).

  • Managing cloud security controls and endpoint protection platforms (e.g., Defender for Cloud, CrowdStrike, Cloudflare, Proofpoint TAP).

  • Providing technical guidance and mentorship to engineers and multi-functional teams.

  • Developing and maintaining cloud security policies, playbooks, and documentation.

• Emerging Technologies:

  • Know the latest emerging technologies and industry trends to drive innovation and manage associated risks.

• AI & Cloud Security:

  • Design and implement security strategies for cloud-based AI systems

  • Conduct risk assessments and vulnerability analyses on AI models and cloud infrastructure, develop and enforce security policies, standards, and protocols for AI and cloud environments

  • Monitor and respond to security incidents involving AI and cloud platforms

  • Collaborate with engineering teams to integrate security controls into AI workflows

  • Lead security audits and compliance reviews for cloud-based AI solutions

  • Evaluate and recommend security tools and technologies for AI and cloud applications

  • Train and mentor staff on AI security awareness and secure development practices

  • Know the latest emerging threats, vulnerabilities, and advancements in AI and cloud security

  • Report on security metrics, incidents, and improvements to senior leadership.

• DevSecOps Leadership:  

  • Define a comprehensive, enterprise scaled DevSecOps Program Strategy and evolve the strategy to meet the continued needs of the organization

  • Lead and oversee the implementation strategy and partner on the execution plan for realization.

  • Operationalize the governance structure for the DevSecOps Program and ensure compliance with internal and external policies, guidelines, and industry standards.

  • Align security tooling strategy to DevSecOps program objectives and advise drive harmonization across R&D organizations

  • Ensure integration of security across the entire SDLC

  • Report on performance metrics to senior leadership.

• Multi-functional Collaboration:

  • Work closely with R&D and product teams to evaluate security risk, solutions, and drive security remediations into product releases.

  • Champion initiatives such as demonstrating innovative product security processes & technologies.

• Leadership & Management:

  • Collaborate with or mentor a small team of Product Security Engineers where applicable.

  • Work with multi-functional teams and customers to ensure projects are meeting technical objectives and deadlines.

• Customer Management:

  • Communicate effectively to ensure alignment with business goals and technical feasibility.

  • Engage in technical discussions with PSO and BD leadership as well as speaking in public forums where applicable.

  • Enable development of Security Champions across the organization.

  • May perform other duties as required

Qualifications:

• Undergraduate or Graduate degree in cybersecurity, computer science, software engineering or/and technical engineering or a proven track record of excellence in cybersecurity.

• 10+ years of product security, security risk management, and progressive experience focused on a combination of cloud and AI security

• 5+ years designing cloud security architectures in enterprise environments

• 5+ years of hands‑on experience securing production workloads in at least one major cloud platform (AWS, Azure, or GCP)

• 3+ years of direct experience securing AI, machine learning, or advanced data analytics platforms in cloud environments

• 3+ years in a Product Security and/or Application Development Security function in a regulated environment

• Experience with connected products, software development lifecycle, security automation, network technologies, and supply chain security are preferred

• Certifications such as CCNA, CCIE, CISSP, CISM, GIAC, MCSE, CCSP or equivalent, GPEN, CEH are preferred

Knowledge, Skills, and Ability Requirements:

• Domain expertise in Cybersecurity, Cloud & AI security

• Have experience with the implementation of Cloud Domain specific standards and approaches for product security and privacy

• Comprehensive knowledge of multi-cloud, cloud agnostic security architectures

• Proficiency with both interpreted and non-interpreted coding languages and practices

• Deep hands-on experience in building and operationalizing a comprehensive DevSecOps Program strategy, at scale, within an enterprise environment.

• Experience implementing security analysis and testing tools (SCA, SAST, DAST, fuzzing) in a DevSecOps pipeline

• Proven competence in threat modeling software systems or software enabled products using industry standard methods (STRIDE, PASTA, NIST, OWASP)

• Experience analyzing security vulnerability scanning results and determining the priority of patching activities

• Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining residual risk after applying compensating security controls

• Experience working with teams in a structured software development lifecycle process, preferably an agile methodology

• Demonstrated technical competence and ability to effectively convey technical information to all levels and fields within an organization, from engineers to senior leadership to enable fact-based decision-making

• Proven ability to operate multi-functionally to complete business initiatives

• Demonstrated ability to translate strategies into objectives, tactics, and execution tasks

• Demonstrated ability to establish structure around ambiguous problems

• Strong written and verbal communication skills, collaboration skills, including conflict resolution

At BD, we prioritize on-site collaboration because we believe it fosters creativity, innovation, and effective problem-solving, which are essential in the fast-paced healthcare industry. For most roles, we require a minimum of 4 days of in-office presence per week to maintain our culture of excellence and ensure smooth operations, while also recognizing the importance of flexibility and work-life balance. Remote or field-based positions will have different workplace arrangements which will be indicated in the job posting.

For certain roles at BD, employment is contingent upon the Company’s receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, testing for COVID-19 may be available and/or required. Consistent with BD’s Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law.

Why Join Us?

A career at BD means being part of a team that values your opinions and contributions and that encourages you to bring your authentic self to work. It’s also a place where we help each other be great, we do what’s right, we hold each other accountable, and learn and improve every day.  

To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of health. At BD, you’ll discover a culture in which you can learn, grow, and thrive. And find satisfaction in doing your part to make the world a better place.  

To learn more about BD visit https://bd.com/careers

Becton, Dickinson, and Company is an Equal Opportunity Employer. We evaluate applicants without regard to race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, and other legally-protected characteristics.

Why Join Us?

To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of healthcare. At BD, you’ll discover a culture in which you can learn, grow and thrive.

We believe that when people connect in person, we learn faster, collaborate more deeply, and build a stronger culture. Join us and enjoy a culture where face-to-face collaboration supports your learning, your progress, and your success.

To learn more about BD visit https://bd.com/careers.

Becton, Dickinson, and Company is an Equal Opportunity Employer. We evaluate applicants without regard to race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, and other legally protected characteristics.

Required Skills

Optional Skills

.

Primary Work Location

Additional Locations

Work Shift

At BD, we reward, support and develop our associates through our comprehensive Total Rewards program. We are committed to attracting and retaining high quality talent by providing reward and recognition opportunities that promote a performance-based culture, as well as a competitive package of compensation and benefits programs. You can learn more on our career site under "Our Commitment to You."

Our salary or hourly rate ranges reward associates fairly and competitively. We regularly review these ranges and factors, such as location, contribute to the range displayed.

Our pay is based on the role and the necessary skills and education to perform it successfully. The salary or hourly rate offered is determined by the role's specific requirements, including any applicable step rate pay system at the work location. Salary or hourly pay ranges are influenced by labor laws and Collective Bargaining Agreement (CBA) requirements applicable to the work location which may also affect the workplace arrangement of the role.

Salary Range Information