The Program Manager I - Product Security (R&D) supports the department goals and processes by providing project management and security technical expertise. Responsible for project management of assigned projects. This role will collaborate within BSC with Quality, R&D, IT and within the department with architects and engineers. The candidate will be a key leader in the enhancement of Quality System processes related to securely designing and maintaining medical devices.
- Provides program management for Global Product Cybersecurity engineering including collaboration with the director of Global Product Cybersecurity, IT and other BSC functions. Accountable for project/phase planning, execution, reporting and close-out.
- As assigned by the Director of Global Product Cybersecurity, leads team-level projects for the Global Product Cybersecurity department
- Collaborates with various departments and product teams to create a consistent product security maturity profile as part of the product inventory for each product line and area of the organization
- Develops and maintains security impact guidelines to assist product teams in consistent scoring of security impact in risk assessments.
- Maintains awareness of relevant external relationships with vendors, contractors, and other industry and government partners.
- Provides feedback on standards and best practices in consultation with other department subject matter experts.
- Supports development and maintenance of Quality System processes (work instructions, knowledge sharing documents, standard operating procedures) needed for pre and postmarket product cybersecurity. Assists in operational processes for Quality System postmarket cybersecurity.
- Maintains knowledge sharing documents for engineering systems security requirements based on standards and procedures.
- Assists in defining product security frameworks, metrics, reporting mechanisms, and program services and a roadmap for continual program improvements. Conducts industry benchmarking to better inform product security strategy and maturity/performance.
- Promotes communication at all levels and areas including the team, management, and functional areas.
- Participates in medical device industry standards activities work groups and committees.
- Bachelor's degree plus at least a minimum of 5 years of related work experience or an equivalent combination of education and work experience (including 5 years experience of product cybersecurity).
- Advanced degree preferred.
- Experience with medical device, defense, pharmaceutical or other highly regulated industries.
- Experience using project management and influence skills to lead cross functional change
- Knowledge of security regulations and experience with creating security requirements to meet regulatory intent.
- Experience with audits including responses to audit findings.
Quality System Requirements
- In all actions, demonstrates a primary commitment to patient safety and product quality by maintaining compliance to the Quality Policy and all other documented quality processes and procedures.
- Assures that appropriate resources (e.g. personnel, tools) are maintained in order to assure Quality System compliance and adherence to the BSC Quality Policy.
- Establishes and promotes a work environment that supports the Quality Policy and Quality System.