BD · 2 months ago
Senior Technical Manager, Product Security,
Durham, NC
Full-time
Onsite
Senior Level
6+ years expBD is one of the largest global medical technology companies in the world, dedicated to advancing the world of health. The Senior Technical Manager, Product Security is responsible for ensuring security requirements for BD’s product portfolio are met, collaborating with various teams to deliver secure products while managing risks and compliance throughout the product lifecycle.
Health CareMedical DeviceTechnical Support
Responsibilities
Collaborate with all levels and geographies within the respective business to advance the product security strategy and objectives within the portfolio
Technology Leadership: Provide guidance and lead execution of security work including architecture analysis & reviews, threat assessment & modeling, implementing security technologies, security vulnerability analysis, SBOM creation and composition, security testing in an agile development environment, and security risk assessments for products and 3rd party solution providers. Provide leadership and guidance to Product Security team members on critical security issues, tactical alignment, and pivotal initiatives
Project Leadership: Develop comprehensive project plans, including timelines, resources and milestones, ensuring all activities align with project strategy and goals and monitor to mitigate risks and keep the product security initiatives on track
Risk Management, Quality & Compliance: Evaluate vulnerabilities and security issues to determine applicability and actual risk given environmental conditions, mitigations and compensating controls, and make recommendations on priorities and acceptance. Assess overall product risk posture. Participate in delivery of all required product security quality and regulatory documentation associated with product launches
Operational Management: Ensure that security by design practices are implemented in the development of products and the associated SW environments
Cross Functional Collaboration: Work closely with R&D and product teams to evaluate security risk, solutions, and drive security remediations into product releases. Champion initiatives such as demonstrating innovative product security processes & technologies
Leadership & Management: Collaborate with or mentor a small team of Product Security Engineers where applicable. Work with cross functional teams and stakeholders to ensure projects are meeting technical objectives and deadlines
Stakeholder Management: Communicate effectively to ensure alignment with business goals and technical feasibility. Engage in technical discussions with PSO and BD leadership as well as speaking in public forums where applicable. Enable development of Security Champions across the organization
May perform other duties as required
Qualification
Required
Undergraduate or Graduate degree in cybersecurity, computer science, software engineering, or a technical engineering/scientific field
Minimum of 6 years in cybersecurity, product security, or security risk management
Three (3)+ years in a Product Security and/or Application Development Security function in a regulated environment
Hands-on security engineering experience including threat and vulnerability analysis, Static Code and Software Composition analysis, DevSecOps integration
Experience assessing security risks using industry-standard methods
Experience implementing security design, development, validation, and compliance in a regulated environment
Experience implementing and demonstrating compliance to security frameworks (NIST 800-53, IEC 81001-5, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2)
Experience managing security teams and projects, with a proven ability to lead cross-functional initiatives and deliver measurable outcomes
Competence in threat modeling software systems using industry-standard methods (STRIDE, PASTA, NIST, OWASP)
Experience navigating and driving product cybersecurity requirements with 510(k) and PMA-regulated products
Experience working with teams in a structured software development lifecycle process
Demonstrated ability to influence and drive security strategy across diverse teams, aligning security objectives with business priorities
Proven track record as a change agent, leading cultural and process transformation to embed security into product development lifecycles
Strong communication and stakeholder engagement skills, capable of articulating security risks and solutions to technical and non-technical audiences
Ability to mentor and develop technical talent, fostering a high-performance security engineering culture
Preferred
Experience with connected products, software development lifecycle, security automation, network technologies, and supply chain security
Certifications such as CCNA, CCIE, CISSP, CISM, GIAC, MCSE, CCSP or equivalent, CEH
Experience with agile methodology (preferred over other SDLC approaches)
Company
BD helps advance clinical therapy with the process for patients and health care providers with innovative technology services and solutions.
10001+ employees
H1B Sponsorship
BD has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (66)
2022 (4)
2021 (3)
Funding
Current Stage
Public CompanyTotal Funding
$540MKey Investors
Steris
2023-08-02Post Ipo Equity· $540M
1962-04-23IPO
Leadership Team
Tom Polen
Chairman, CEO and President
Maureen Mazurek
Chief Sustainability and EHS Officer
Recent News
EIN Presswire
2026-01-09
Company data provided by crunchbase