Bausch & Lomb Incorporated

Product Cybersecurity Architect

Bausch & Lomb Incorporated$140K — $180K *
US-Anywhere
+ 2 other locationsRemote
Healthcare
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Engineering, Computer Science, Cybersecurity, or related field.
  • 7+ years of experience in product security or software security in a regulated environment.
  • Demonstrated experience in cybersecurity for medical device development programs.
  • Strong communication, collaboration, and problem-solving skills.
  • Ability to articulate cybersecurity risks for various stakeholders.

Responsibilities

  • Architect and implement a scalable cybersecurity strategy for surgical products.
  • Embed secure-by-design principles throughout the product lifecycle.
  • Lead cybersecurity requirements execution across development programs.
  • Coordinate vulnerability management activities from intake to closure.
  • Act as the cybersecurity representative for vulnerability disclosure and incident response.
  • Collaborate with engineering teams to implement security testing practices.
  • Manage third-party security initiatives and software supply chain risks.

Benefits

  • Medical, dental, and vision insurance.
  • Disability and life insurance.
  • 401(k) plan with company match.
  • Tuition reimbursement for select degrees.
  • Paid vacation, sick time, and floating holidays.
Full Job Description
Why this Role Matters

Join the Surgical R&D organization in a role where you will help ensure the cybersecurity, safety, and reliability of innovative surgical products that support patient care. In this position, you will be responsible for embedding secure-by-design practices throughout the product lifecycle while partnering with engineering, quality, regulatory, and corporate security teams to deliver compliant and resilient solutions. This is a strong opportunity for someone who brings deep product security expertise, strong cross-functional collaboration skills, and a passion for advancing cybersecurity within a regulated medical device environment.

What You'll Do

  • Architect and implement a consistent cybersecurity strategy across surgical capital equipment product lines to establish a scalable and secure product ecosystem.
  • Embed secure-by-design principles throughout the product lifecycle, providing guidance on secure architecture, threat modeling, design controls, cryptography, and secure communication protocols.
  • Lead execution of cybersecurity requirements across development programs, ensuring alignment with regulatory expectations, corporate standards, and product quality objectives.
  • Coordinate vulnerability management activities, including intake, triage, risk assessment, remediation tracking, and documentation of product security issues through closure.
  • Serve as the Surgical R&D cybersecurity representative for vulnerability disclosure and incident response activities, supporting investigations, impact assessments, root cause analyses, and remediation efforts.
  • Partner with engineering teams to implement security testing practices, including SAST, DAST, SCA, penetration testing, and automated security controls within development pipelines.
  • Support supplier and third-party security initiatives by defining security requirements, managing software supply chain risks, and maintaining Software Bill of Materials (SBOM) processes.
  • Collaborate with Quality, Regulatory Affairs, IT, and Corporate Product Security teams to ensure compliance with evolving cybersecurity regulations and industry standards while enabling efficient product delivery.


What You'll Bring

Required Education & Experience:
  • Bachelor's degree in Engineering, Computer Science, Cybersecurity, or a related technical discipline.
  • 7+ years of experience in product security, application security, medical device cybersecurity, or software security within a regulated environment.
  • Demonstrated experience supporting or leading cybersecurity activities for medical device or other regulated product development programs.
  • Strong communication, collaboration, stakeholder management, and problem-solving skills.
  • Ability to translate technical cybersecurity risks into clear, actionable guidance for engineering, quality, and regulatory stakeholders.


Specialized Technical, Regulatory & Industry Skills & Knowledge
  • Strong expertise in secure product design, threat modeling, vulnerability management, and secure software development practices.
  • Working knowledge of connected device security, embedded systems, and software-enabled product architectures.
  • Experience with security testing tools and methodologies, including SAST, DAST, SCA, and penetration testing.
  • Understanding of software supply chain security practices, including SBOM development and third-party risk management.
  • Experience working across cross-functional and global teams to drive cybersecurity outcomes and influence stakeholders without direct authority.
  • Knowledge of secure development lifecycle (SDLC) frameworks, vulnerability disclosure processes, and product incident response activities.
  • Familiarity with cybersecurity governance, risk assessment, and compliance processes within regulated industries.


Preferred
  • Advanced degree in Cybersecurity, Computer Science, Engineering, or a related field.
  • Relevant industry certifications such as CISSP, CSSLP, OSCP, GWAPT, or equivalent.
  • Experience in medical device, healthcare, or other regulated industries, and/or working within a quality-managed or GxP regulated environment.
  • Working knowledge of medical device cybersecurity regulations and standards (e.g., FDA premarket/post market guidance, IEC 81001-5-1, AAMI TIR57, UL 2900, NIST frameworks).
  • Experience developing cybersecurity documentation to support regulatory submissions and audits.


This position may be available in the following location(s): US - Remote

For U.S. locations that require disclosure of compensation, the starting pay for this role is between $140,000 and $180,000. The estimated salary range reflects an anticipated range for this position. The actual base salary offered may depend on a variety of factors.

U.S. based employees may be eligible for short-term and/or long-term incentives. They may also be eligible to participate in medical, dental, vision insurance, disability and life insurance, a 401(k) plan and company match, a tuition reimbursement program (select degrees), company holidays, and well-being benefits, among others. U.S. based employees are also eligible to receive sick time, floating holidays and paid vacation.

About Bausch & Lomb Incorporated

Bausch & Lomb is a leading global eye health company that specializes in the design, manufacture, and sale of a wide range of eye care products, including contact lenses, lens care products, and surgical instruments. The company has a strong presence in the United States and Europe, and is expanding its operations in Asia and Latin America. Bausch & Lomb is committed to innovation and research, and has a long history of developing new technologies and products to improve eye health.
Learn more about Bausch & Lomb Incorporated
Size
12,000 employees
Industry
Net Income
$100 million
5 Year Trend
-5%
Revenue
$5 billion
NASDAQ

Similar Jobs

More Jobs at Bausch & Lomb Incorporated

More Healthcare Jobs

Find similar Product Cybersecurity Architect jobs: