AstraZeneca has flagged the Senior IT Manager - Security & Compliance job as unavailable. Let’s keep looking.

This is where you save and sustain lives

At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You'll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.

Baxter's products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.

Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.

Join us at the intersection of saving and sustaining lives—where your purpose accelerates our mission.

Job Summary

Job Title – Sr. Manager – BISO

As a Sr. Manager, IT - Business Information Security Officer (BISO) reporting to the Assoc. Director – Global BISO Lead within the Office of the CISO, information security is an enabler for the business. Will operate understanding the business strategy and bridging the gap between security and business interests.

Will be responsible for managing the information security program for a major business unit and serving as the primary information security advisor and partner. This role will collaborate with business unit leadership and IT teams to identify information risks and implement security controls that enable business objectives while complying with corporate policies and external regulations.

Most importantly, will need from you to be pragmatic and practical in your understanding of Operational Technology and IT operations, and familiar with corporate cybersecurity objectives, industry standards, etc. We will require you to be passionate about information security and risk management, driven to create a culture that enables us to innovate with speed while keeping our environment secure, and dedicated to building relationships to enable problem solving.

Responsibilities:

  • Develop and execute the annual information security plan for the business unit, including activities around risk management, audits, awareness training, and control implementation,
  • Partner with Global Business Units leadership to advise, drive decision-making on security to enable the business while mitigating cybersecurity risk,
  • Understand the goals, products, and objectives of the GBUs to lead and define a roadmap of security initiatives,
  • Develop the strategy to embed security in the business through influencing and driving prioritization of initiatives with executive leaders,
  • Innovate and communicate how to adopt security practices most efficiently both with the GBUs, product engineering, manufacturing sites, site operations and the security team so the organization benefits,
  • Advise business unit leaders on information security matters, regulatory requirements, threat landscape, and data protection best practices.
  • Conduct security risk assessments of business unit infrastructure, applications, and processes to identify potential vulnerabilities.
  • Partner with application teams to ensure security is built into systems by design following secure architecture principles.
  • Monitor security controls and processes to identify gaps; recommend and drive remediation actions.
  • Oversee to security incidents, minimize business impact, and implement lessons learned.
  • Track security metrics such as system vulnerabilities, training completion, and audit findings to report on program effectiveness.
  • Stay current on information security trends, technologies, and regulations.
  • Communicate business needs with the InfoSec team to inform development of strategy, capabilities and solutions that address unique business challenges. Collaborate with other BISOs and the CISO to build a culture across the enterprise that allows us to deliver innovative solutions while reinforcing the trust our customers transfer to us,
  • Drive the adoption and improvement of InfoSec policies, measure trust platform control and capability adoption, effectiveness and maturity across the data center groups, and support security architecture responsibilities for designing,
  • In case of incidents, lead, prioritize and coordinate the response and lead a programmatic approach to long term risk mitigation and solution sustainability,
  • Design and drive an internal and external Outreach and Engagement programs to showcase Baxter’s cyber brand and Baxter’s engagement on Industry platforms and working groups.
  • Work closely with cross-functional teams, including IT, legal, HR, and business units, to ensure security considerations are embedded into business processes and projects.
  • Direct the Business Security office to enable business segments to securely achieve business goals and protect business value. Provide guidance and support to business units regarding security-related initiatives, ensuring alignment with corporate policies and industry standards. 
  • Supports corporate risk leadership to review enterprise IT and cyber risks, assess capabilities, prioritize security, and risk strategies, and communicate risk intelligence in a way that drives business decision-making.

Education, Knowledge, and Experience

  • Bachelor’s degree in information security, Computer Science, or related field required.
  • 7+ years’ experience in an information security practitioner role,
  • Expert knowledge of data protection, regulatory compliance, access controls, network security, and risk management,
  • Strong knowledge of Security regulations and hands-on in compliance for pharma, healthcare, data privacy, (GDPR, HIPPA, CE+, etc.,),
  • Success in bridging technology and business areas
  • Experience working with and/or implementing risk management frameworks.
  • Experience across common industry security policy areas, including ISO, NIST, COBIT, PCI, SOX and others.
  • Experience securing multiple platforms and operating systems.
  • In-depth knowledge of technology, security, risk and compliance best practices
  • Strong technical background with hands-on experience implementing security tools and technologies.
  • Strong understanding of the cyber threat strategies,
  • Proficient in Microsoft Office Applications.
  • Excellent verbal and written communication skills. Ability to present to senior leadership.
  • Ability to multi-task, prioritize, and manage time effectively,
  • Excellent organizational, time management and interpersonal skills
  • Strong problem-solving skills,
  • Strong attention to detail and process,
  • Highly motivated and willing to deliver and perform in an independent and remote work environment,
  • Experience building relationships, influencing business partners, and driving change.
  • Industry certifications such as CISSP, CISM, CISA preferred.

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please send an e-mail to Americas_TTA@baxter.com and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our Recruitment Fraud Notice.

Read Full Description
Confirmed 8 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles