Principal Engineer, Product Cybersecurity

As Senior Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Demonstrate subject matter expert knowledge in state-of-the-art security principles. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria with minimal guidance.

Contributes to a cybersecurity vision that aligns with the organization's vision and strategic plan. Utilizes solid understanding of device and system connectivity concepts in a medical device domain. Provides direction to technical team members that are accountable for implementing cybersecurity, integration, and connectivity deliverables. Exhibits creativity and innovation in completing divisional and cross-functional/business unit goals and objectives.

What you'll be doing:

• Implement proof of concept project to define innovative solutions on platforms/server platforms. Lead implementation of medical device cybersecurity principles as part of an overall security architecture.
• Create, own, and maintain system requirements, architectures, risk analysis and other specifications that define the cybersecurity functionality of medical device systems both embedded and hosted.
• Create threat models of medical device systems and the interfaces between medical devices.
• Perform vulnerability scanning of medical device systems and analyze results.
• Monitor threat intelligence and analyze CWEs and CVEs that affect medical device systems and propose solutions.
• Drive cybersecurity improvements through product the cross functional teams, primarily software.
• Lead discussions to resolve competing constraints between interrelated functions (Engineering, Risk Management, Compliance, Clinical, Human Factors, Regulatory, Marketing, Service).
• Ensure compliance to the product development process and Quality System and Design Control requirements. Interface with regulatory bodies, representing Baxter and Baxter products, and ensure that regional cybersecurity needs are met., Baxter is committed to supporting the needs for flexibility in the workplace. We do so through our flexible workplace policy which includes a minimum of 3 days a week onsite. This policy provides the benefits of connecting and collaborating in-person in support of our Mission.

• BS in computer science, engineering, mathematics, information management, or related field with 5+ years of industry experience or Masters with 3+ years.
• Experience with threat modeling, penetration testing, fuzz testing, vulnerability scanning, secure code analysis.
• Experience with cybersecurity related software such as Blackduck, Coverity, etc.
• Experience dealing with threat intelligence, CWEs and CVEs.
• Familiarity with cybersecurity related organizations and certifications such as UL (UL-2900), ICS-CERT, FIPS 140, etc.
• Experience with cybersecurity functionality on embedded systems and hosted software applications.
• Requires strong organization and communication skills, with the ability to interface with both technical and non-technical personnel.
• Ability to convince management on courses of action with minimal assistance using both written and verbal methods., This is where your well-being matters. Baxter offers comprehensive compensation and benefits packages for eligible roles. Our health and well-being benefits include medical and dental coverage that start on day one, as well as insurance coverage for basic life, accident, short-term and long-term disability, and business travel accident insurance. Financial and retirement benefits include the Employee Stock Purchase Plan (ESPP), with the ability to purchase company stock at a discount, and the 401(k) Retirement Savings Plan (RSP), with options for employee contributions and company matching. We also offer Flexible Spending Accounts, educational assistance programs, and time-off benefits such as paid holidays, paid time off ranging from 20 to 35 days based on length of service, family and medical leaves of absence, and paid parental leave. Additional benefits include commuting benefits, the Employee Discount Program, the Employee Assistance Program (EAP), and childcare

benefits. Join us and enjoy the competitive compensation and benefits we offer to our employees.For additional information regarding Baxter US Benefits, please speak with your recruiter or visit our Benefits site: Benefits | Baxter

At Baxter, we believe every person-regardless of who they are or where they are from-deserves a chance to live a healthy life. It was our founding belief in 1931 and continues to be our guiding principle. We are redefining healthcare delivery to make a greater impact today, tomorrow, and beyond. Our Baxter colleagues are united by our Mission to Save and Sustain Lives. Together, our community is driven by a culture of courage, trust, and collaboration. Every individual is empowered to take ownership and make a meaningful impact. We strive for efficient and effective operations, and we hold each other accountable for delivering exceptional results. Here, you will find more than just a job-you will find purpose and pride.