This job listing has expired and the position may no longer be open for hire.

Director, Product Security at Varian Medical Systems, Inc. in Bismarck, North Dakota

Posted in Other 30+ days ago.

Type: Full Time

Job Description:


The Director of Product Security will lead the enterprise product security program supporting all of Varian's business units - which include products for treatment planning, treatment delivery, software and services.


* Manage the product security team and continue to develop and mature the product security program.

* Lead the secure systems development lifecycle (SSDLC) processes within the overall quality management system:

* Coordinate with the Regulatory Affairs and Quality Assurance organization to understand and manage country regulations and requirements

* Maintain the overall SSDLC procedures, work instructions and technical requirements

* Guide and support cybersecurity SMEs in the product teams on specific product releases

* Govern and increase the adoption of security tools used in the development pipeline

* Coordinate product penetration testing

* Provide architectural support for the business around key strategic initiatives

* Enhance the product security training program for employees across the organization

* Manage strategic initiatives to improve our cybersecurity controls - for example projects related to credential management, PHI handling, and support for our installation processes, remote service, cloud adoption and data analytics

* Oversee product security incident management and the management of security threats, vulnerabilities and disclosure reporting

* Develop overall program metrics to track the coverage and effectiveness of the program

* Engage regularly with executive stakeholders to provide updates, and drive the program forwards

Minimum Required Skills and Knowledge:

* 10 years of directly related experience including 5 years of management experience

* Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders

* Medical Device security experience preferred

* Experience in designing and implementing product and application security controls for both cloud and on-premise

* Bachelor s degree required.

* Security qualification(s) such as CISSP


We're unleashing the power of technology and human ingenuity to achieve new victories in the fight against cancer. Join us and have a global impact.

Privacy Statement

EEO Policy:
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, protected veteran status, or on the basis of disability.