Full Job Description
This is where you save and sustain lives
At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You’ll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.
Baxter’s products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.
Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.
Join us at the intersection of saving and sustaining lives— where your purpose accelerates our mission.
The Sr. Manager, IT Attack Surface Management role leads a global team responsible for continuously mapping the attack surface of Baxter as it applies to Application, Container, API, Network and System vulnerabilities across traditional and cloud native architectures. The manager is responsible for engaging stakeholders and managing processes to mitigate exposure by confirming that vulnerabilities have been resolved. This role will also play a leading role in ensuring that attacks are properly identified and prevented by the appropriate layers of the security stack.
Lead penetration testing, vulnerability management and red team operations services
Manage enterprise DevSecOps program
Develop and maintain strong partnerships with key system owners
Oversee the team responsible for prioritizing, scheduling and executing Internal and External Penetration Tests against systems and applications
Track findings and ensure that issues are remediated
Facilitate improvements to prevention and detection capabilities for the Security Monitoring Team
Leverage industry standard and emerging frameworks, plan and lead a mix of internal and external engagements to find areas of improvement in prevention, detection and response capabilities
Ensure that all assets in all environments are assessed for patch and configuration vulnerabilities
Monitor industry and vendor sources to track emerging risks and address within expected timeframes
Deliver clear, accurate, timely, and actionable reporting at the Enterprise and key stakeholder level by organization and region, and ensure that remediation is completed in alignment with organizational standards
Assess the Enterprise Application Portfolio and software deployment processes, leveraging industry and organizational best practices to ensure consistent delivery of secure code in traditional, cloud and mobile environments
Provide enterprise reporting that shows areas of risk relative to applications, containers and APIs and partner with stakeholders to ensure that this exposure remains within the risk tolerance of the organization
8+ years of IT experience with demonstrated effectiveness leading global operations teams
Skilled in structuring and managing offensive cyber operations to meet a variety of organizational needs while ensuring consistent enterprise reporting of risk to key stakeholders
SDLC experience, including CI/CD tools and processes
Experience working with Agile Development Practices
Strong track record of driving operational change, remediating patch and configuration vulnerabilities at scale
Familiar with Enterprise IT processes for asset, configuration, change, incident and problem management
Bachelor's degree in IT Security, Computer Science, a related field or equivalent demonstrated experience and knowledge
Excellent English verbal and written communication skills
Industry certifications nice to have: CISSP, CISM, CEH, OSCP or related
Equal Employment Opportunity
Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.
EEO is the Law
EEO is the law - Poster Supplement
Pay Transparency Policy
Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the link here and let us know the nature of your request along with your contact information.