Principal Cybersecurity Engineer for Whippany, NJ to define project-level cybersecurity requirements; design & develop security solutions to mitigate product cybersecurity risks; understand medical device products & clinical applications to identify potential cybersecurity threats and develop mitigations; perform threat modeling, vulnerability testing, security risk analysis & security assessments; review security architecture & designs; secure medical devices, medical device software & IT software against cyber threats; lead cybersecurity risk assessments & cyber signal incident responses and investigations; lead cross-functional teams; coordinate strategic supplier & partner relationships. Requires Master’s in Cybersecurity, Computer Science, Telecommunications or closely related field & 4 yrs experience in cybersecurity-related position(s) in a medical device R&D environment: performing threat modeling of regulated medical devices using STRIDE and assessing cybersecurity risk to patient safety & Protected Health Information (PHI); creating security designs & requirements based on user needs; applying security technologies to medical device product designs within software & hardware, including network security, encryption, firewalls and TPM; leading cross functional teams in reviewing security architecture and design; applying cybersecurity standards, including NIST CSF, NIST SP 800-30, AAMI TIR57 & AAMI TIR 97, and data privacy standards, including HIPAA; creating documentation for regulatory submissions, including cybersecurity management plans, threat model reports, security risk & cyber signal assessments, MDS2 and SBOM; applying cybersecurity & secure design principles to medical device products in compliance with FDA Cybersecurity Guidance for Medical Devices; conducting security testing & vulnerability scanning using Burp suite, Wireshark and Nessus and analyzing findings with qualitative risk prioritization, including CVSS and OWASP; planning & overseeing penetration testing with third party testers; and developing cybersecurity policies & procedures. Position may telecommute on a full-time basis from anywhere in the U.S. Up to 10% travel to Pittsburgh, PA req’d. Salary Range: Employees can expect to be paid a salary between $190,000.00 to $220,000.00. Additional compensation may include a bonus or commission (if relevant). Additional benefits include health care, vision, dental, retirement, PTO, sick leave, etc. The offered salary may vary within this range based on an applicant’s location, market data/ranges, an applicant’s skills and prior relevant experience, certain degrees and certifications, and other relevant factors. Mail resume to Cascinda Fischbeck, Bayer HealthCare LLC, 800 N. Lindbergh Blvd., E2NE, St. Louis, MO 63167 or email resume to BHC_careers@bayer.com. Include reference code below with resume.
Bayer Healthcare LLC is an Equal Opportunity Employer/Disabled/Veterans
Bayer Healthcare LLC is committed to providing access and reasonable accommodations in its application process for individuals with disabilities and encourages applicants with disabilities to request any needed accommodation(s) using the contact information below.
If you meet the requirements of this unique opportunity, and want to impact our mission Science for a better life, we encourage you to apply now. Job postings will remain open for a minimum of ten business days and are subject to immediate closure thereafter without additional notice. Equal Opportunity Employer Statement: Notice for U.S. Visitors: All information on this site is subject to compliance with local rule and regulations as they may vary from time to time and across different geographies, including, without limitation, U.S. Executive Orders. Division: Consumer Health Reference Code 867137 Functional Area: IT Location: Whippany, NJ Employment Type: Regular Position Grade: Contact Us Address Telephone Creve Coeur, MO 63167 OR BHC_careers@bayer.com