Job ID R-443014 Date posted 06/28/2022 Apply

Sr. Director, Information Security - Engineering

Job Description Summary

Job Description

Description

The Sr. Director of Information Security Engineering serves as the strategic leader of engineering efforts for both enterprise information security and product security organizations. Reporting into the Chief Information Security Officer (CISO), the Sr. Director of Information Security Engineering is responsible for developing and aligning security engineering initiatives with company-wide programs, business objectives and ensuring that information assets and technologies used in BD products, manufacturing, service, enterprise IT, and third-party partners are adequately secure and resilient. The role provides leadership and is accountable for the BD information and product security engineering strategic planning goals, mission, vision, values and budget. The primary objective of this role is assuring the adequate protection and resilience of information assets (process, systems and data) from compromises in the confidentiality, integrity and availability for product, manufacturing, service, and enterprise IT.

The Sr. Director of Information Security Engineering shall have an in-depth understanding of technical activities including security testing, architecture, analyzing current technology infrastructure for product, manufacturing, service, and enterprise IT, assuring alignment with strategic plans, ensuring IT and business operations as well as Information and Product Security policies and procedures adhere to local laws around the world.

Additionally, the Sr. Director shall manage security architects and penetration testers and partner with the Enterprise IT and R&D teams charged with engaging the various business units on business strategy and plans to drive security strategy into the various annual strategic plans of all Business Units.  This individual will have a strong working knowledge of emerging technologies and the impacts of these technologies on the Information and Product Security polices, procedures, and BU/Division Strategic Plans.

Finally, the Sr. Director will develop and maintain (on an annual basis) the BD Information Security Technology Roadmap.  This roadmap will be approved each year by the CISO, CIO and CTO.  The roadmap will encompass a multi-year plan of how the company will execute the information and product security requirements and invest in various new capabilities and initiatives.

Responsibilities

1.    The position is responsible for BD-wide Information Security Engineering efforts. Collaborate with internal/external Business partners/ leaders to develop a comprehensive strategy and implement effective Information Security programs. Develop trust and confidence of company leaders.

2.    Serves as internal security consultant to the organization and monitors advancements in cybersecurity technologies. Advise the organization with current information about technologies.

3.    Establish a security culture through education and awareness programs designed to reduce risks to BD, customers, and third-parties while also engaging with key business leaders to ensure business unit involvement. 

4.    Develops the organization design, resources and processes to effectively accomplish product and enterprise IT objectives.

5.    Guide and influence technology investments within the context of operational effectiveness and organizational alignment with business and IT strategic plans.

6.    Oversee the selection of testing, deployment, and maintenance for security hardware and software products as well as outsourced arrangements.

7.    Improve information and product security policies, business and IT risk roadmaps and a formal process around security risk assessment, mitigation, response and governance.

8.    Participate in the strategic plans of Business Units, Regions, and Enterprise IT.

9.    Plan, test and execute responses to security breaches, including outreach as necessary with customers, partners, or the general public.

10.  Partner and coordinate security activities with related compliance, regulatory and quality organizations (e.g., Privacy, Ethics & Compliance, Regulatory Affairs).

Requirements

1.    Minimum of 6 years of information, product, and/or cyber security leadership experience.  Minimum of 5 years’ experience managing internal talent, as well as 3rd party consultants.

2.    Strong knowledge of Secure Software Development Lifecycle (SDLC) processes and methodologies.

3.    In-depth knowledge of networking and protocols.

4.    Strong understanding of a wide variety of cybersecurity technologies for architecture and testing relating to Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, PKI, Endpoint Protection, Mobile Device Management, Patch Management, Vulnerability Management, Security Incident and Event Management, Data Loss Prevention, Zero Trust.

5.    Able to align and connect business strategies with technology solutions.

6.    Excellent presentation and communication skills.

7.    Manage a security engineering program assuring that project teams are well-managed and that appropriate resources are provided.

8.    Subject matter expertise relevant to assigned business area

9.    Ability to communicate complex technical challenges in a non-technical and simplified manner to business audience.

10.  Ability to effectively communicate business needs to the technology teams.

Education and Skills 

1.    BA/BS in Computer Science or related discipline required,

2.    Advance degree preferred

3.    Certifications such as MCSE, CCNA, CCIE, CISSP, CISM, GIAC, CEH preferred

Primary Work Location

USA NJ - Franklin Lakes

Additional Locations

USA MA - Andover, USA MD - Sparks - 7 Loveton Circle

Work Shift

Apply

Working in

Franklin Lakes

Take a look at the map to see what's nearby.

Working in

Franklin Lakes

Take a look at the map to see what's nearby.

Recommend
to a friend

Approve
of CEO

"Purpose driven company where associates work every day to make healthcare better. A lot of great initiatives going on to make BD the best MedTech company in the world."
Anonymous, Franklin Lakes, NJ

Don’t miss out

Receive customized job alerts based on your function and/or location search criteria.

Interested inSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

Join our talent pool

Upload your resume to help our recruiters match you to the right job. They'll be in touch if they find a good fit.

BD Fraud Notice

Please be aware of potentially fraudulent job postings on other websites or suspicious recruiting email or text messages that attempt to collect your confidential information. If you are concerned that an offer of employment with BD, CareFusion or C.R. Bard might be a scam, please verify by searching for the posting on the careers page or contact us at ASC.Americas@bd.com. For more information click here.