Sr. Principal Software Engineer, Cybersecurity
Req #: JR - 002934
Location: Round Lake, IL US
Job Category: Research and Development
Date Posted: 7/11/2019 4:49:49 PM
Around the world, our employees are united by our mission to save and sustain lives. Together, we create a culture that encourages colleagues to pursue rewarding careers -- where everyone has the opportunity to do meaningful work as a part of a team they respect, in an environment that values each person's contributions. We're happy you're interested in continuing your career journey with Baxter.
* Responsible for defining, implementing, executing, and documenting cybersecurity solutions across Baxter's peritoneal dialysis and hemodialysis device portfolios.
* Proactively drive the implementation of medical device cybersecurity functionalities that are part of the overall security architecture.
* Collaborate with the central cybersecurity team to establish security procedures for software development, including source code analysis, vulnerability scanning, and secure coding standards. Ensure implementation of procedures within peritoneal dialysis and hemodialysis products.
* Support medical device cybersecurity certification programs such as UL 2900.
* Collaborate with other engineering and functional organizations to understand and define product use cases and convert these use cases into software requirements and design implementations.
* Provide cybersecurity leadership to teams of engineers in multiple sites around the world.
* BS in Computer Science, Electrical Engineering or related field with an advanced technical degree desired. Experience should include at least 10 years of relevant technical experience.
* A demonstrated track record in software development, preferably medical devices or other highly regulated products such as military hardware.
* Experience with regulated software engineering disciplines (software development environments, configuration management tools, code inspection techniques and tools, testing methods and test management tools).
* Sound knowledge in cybersecurity standards such as NIST 800-53, ISO 27001, and FIPS 140-2.
* Technical experience in IoT device development, especially in embedded platform security, device communication protocols, and cryptographic functions.
* Proficient, concise and articulate verbal and written communication skills to convey cybersecurity topics to a wide range of audiences including customers, business executives, and technical partners.
* Experience in testing and implementing security controls for medical devices is strongly preferred.
* Development experience with Linux, RTOS, or Windows OS.
* Familiarity with common security functionalities implemented in OS kernel and network stacks. Capable of describing vulnerabilities that may exist in open source components, and inter-process communications.
* Knowledge in OS hardening, common security controls such as host-based firewall and intrusion detection system.
* Experience with security protocol stacks such as IPsec, TLS, OAuth, and SAML.
* Practical experience in threat modeling using a standard methodology such as STRIDE, PASTA, or Attack Trees.
* Working experience in developing cybersecurity failure mode and effects analysis documentation.
Equal Employment Opportunity
Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.
EEO is the Law
EEO is the law - Poster Supplement
Pay Transparency Policy
Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please send an e-mail to Americas_TTA@baxter.com and let us know the nature of your request along with your contact information.
About Baxter International
Baxter International develops, manufactures and markets healthcare products.