This is where you save and sustain livesAt Baxter, we are deeply connected by our mission No matter your role at Baxter, your work makes a positive impact on people around the world You'll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patientsBaxter's products and therapies are found in almost every hospital worldwide, in clinics and in the home For over 85 years, we have pioneered significant medical innovations that transform healthcare.
Together, we create a place where we are happy, successful and inspire each other This is where you can do your best workJoin us at the intersection of saving and sustaining lives-where your purpose accelerates our missionYour Role at Baxter:Baxter's Cardiology segment of the Front Line Care (FLC) business unit includes a suite of diagnostic cardiology solutions that are standard of care for improving diagnostic yield, workflow efficiency, and long-range patient outcomes The products include intelligent and connected devices that utilize advance sensing capabilities to generate differentiated insights across key heart conditions (e.
g Arrythmia, MI, CHF) Further, connected solutions through vendor neutral shared platforms can streamline workflows, EMR integration and care pathways across the patient journey Additionally, clinical, and remote services augment and support clinician and staff processes and services to provide actionable data on patients and devices And finally, AI aided diagnosis and decision support capabilities improve diagnostic yields and efficiencies.
The $130M business portfolio includes the ELI Resting ECG systems, Holter analysis and recorders, stress ECG diagnostics, spirometry diagnostics, and data management systems that represent the standard of care for diagnostic cardiologyPosition OverviewA Principal Engineer, Cyber Security will be responsible for development of products and providing creative solutions associated with the design, development, and sustaining engineering for our new and existing product portfolio The successful candidate will possess solid 'hands-on' technical abilities, an excitement and energy for product development, and a passion for their work and the impact it has on meeting the needs of patientsEssential Duties and Responsibilities:
- Work directly with software developers in building a 'security by design' mindset by defining implementations and coding in line with the Application Security Program mandates
- Implement embedded/cloud secure code solutions, design patterns, and coding guidelines that meet security and privacy requirements defined in the security plans, risk assessments, policies, and procedures.
- Support security project governance through scheduling activities, planning and prioritization
- Proactively drive security solutions implementation in-alignment with the development leads, security architects and product owner(s)
- Drive feature implementations in line with the architecture via designs, coding, reviews and tests Perform Proof of Concept (POC) activities as necessary
- Review, analyze and mitigate SAST, DAST, SCA and penetration test findings in collaboration with the developers for various electromechanical medical devices product lifecycles.
- Review current software security control measures and implement security enhancements across multiple medical devices
- Participate in post-market product analysis to support vulnerability investigations as required as well as be engaged in continuous security monitoring
Qualifications / Experience and/or Background
- Bachelor's degree in Computer Science, Computer Engineering, a related field or equivalent demonstrated experience and knowledge
- Minimum 5+ years of experience in software development or related fields
- Minimum 3 years technical experience working with cyber security design/development for embedded systems.
- Experience working with each of the following:Experience with C/C++, Python, Linux and/or security design within real-time operating systemsExperience analyzing, interpreting, and mitigating security findings from multiple sources including SAST, DAST, SCA and penetration testsEmbedded data at rest security implementations including Code Signing, Secure boot, and flash encryption implementationsEmbedded/IoT wired and wireless secure networking implementations within multiple layers of the OSI stackIoT/Embedded PKI solutions and implementation.
- Experience working with cyber security design/development for cloud systems/products is a plus
- Experienced security developer able to interpret and guide software development teams on secure coding practices and application security test report interpretation for various coding languages and operating environments
- Strong knowledge of secure software development lifecycle and practices including SAFe/ Agile methodologies for software development
- Understanding of security by design principles and architecture level security concepts
- Sound understanding and experience in implementing security technologies/techniques such as, Cryptographic Algorithms/Cipher Suites, Public key Infrastructure (PKI), Hardware/embedded authentication protocols, Secure Boot, and data-at-rest encryption methods.
- Experience implementing OWASP Top10 application security guidelines
- Knowledge of embedded system architecture and security controls (eg, firewall and border router configurations, wireless communication architectures, messaging authentication protocols
- Experienced in generating, defining, and reviewing penetration test results through knowledge standard methodologies and tools including environmental configuration definition, security analysis, threat modeling, and system security audits.
- Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
- Exposure to international privacy requirements & cross-industry trends
Personal Characteristics
- Excellent communication, inter-personal and leadership skills
- Firm decision maker and shall possess good influencing skills
- Openness to collaborate in interest of project/organization
- Proactive and self-driven, possesses due sense of urgency
- Shall possess systems mindset and good problem-solving abilities
- Working with multisite teams, Quality conscious and Process & customer Oriented
- Coaching capabilities.
A Career That Matters Baxter's employees are united in a mission to save and sustain lives We are passionate about applying scientific innovation to meet the needs of the millions of people worldwide who depend on our medically necessary therapies and technologies We focus on increasing access to healthcare, innovating in crucial areas of unmet need, and pursuing creative collaborations that bring our mission to life for patients every dayEqual Employment OpportunityBaxter is an equal opportunity employer Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, disability/handicap status or any other legally protected characteristic.
Reasonable AccommodationsBaxter is committed to working with and providing reasonable accommodations to individuals with disabilities If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please send an e-mail to and let us know the nature of your request along with your contact informationRecruitment Fraud NoticeBaxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information To learn how you can protect yourself, review our 094807