Stay up-to-date on Baxter careers

Apply Now    

Global IT Security - Business Information Security Officer (BISO)

Req #: 18000267_en
Location: Deerfield, IL US
Job Category: Information Technology
Date Posted: 1/22/2018 5:09:44 PM
Baxter International


Global IT Security - Business Information Security Officer (BISO)
Security Governance & Strategy
Baxter International
Deerfield, IL or Virtual/Work From Home (US)

About Baxter

Baxter provides a broad portfolio of essential renal and hospital products, including home, acute and in-center dialysis; sterile IV solutions; infusion systems and devices; parenteral nutrition; surgery products and anesthetics; and pharmacy automation, software and services. The company’s global footprint and the critical nature of its products and services play a key role in expanding access to healthcare in emerging and developed countries. Baxter’s employees worldwide are building upon the company’s rich heritage of medical breakthroughs to advance the next generation of healthcare innovations that enable patient care.


• Manager functional role within Global IT Security to provide consultation, advice and support to Baxter Line of Business in implementation of secure business solution.
• BISO is the center of competence for Information Security and plays an active role to support business executive team on cyber security awareness, align business strategy with information security strategy and act as an enabler for the business.
• Accountability to ensure that Information Security Risks within their assigned portfolios are identified, assessed & reported; appropriate controls are in place and local procedures & activities comply with Baxter Information Security (IS) policies, standards operating procedures, industry best practices and regulatory requirements.
• Interact with Design Engineering and service providers, key stakeholders, personnel from various functions — including the application development, operations and network, and privacy teams — and with business departments.

Key Accountabilities

• Consulting, Advisory and Control
• Communication & Reporting
• Liaison between Business Team, Design Engineering and Global IT organization
• Training and Awareness


In order to be successful in the position the successfully candidate should ideally have:

• Business and Information Security background
• Medical Devices and IT Security Risk Management skills
• Strong verbal and written communication skills


• 6-8 Years of experience in Cybersecurity and 2=3 years of business facing roles/consultancy
• Work closely with business executive team, portfolio personnel, stakeholders, and senior management to identify Information Security risks and controls.
• Understand Business and Information Security strategies as they relate to the portfolio
• Work as an Information Security subject matter expert and provide expertise in regards to their support area or portfolio
• Provide Information security requirements, advice and counsel to portfolio personnel, project teams, and the Business ensuring alignment to IS processes and solutions
• Evaluate and assess emerging security threats and vulnerabilities in portfolio and work with portfolio personnel to identify appropriate controls.
• Provide portfolio personnel guidance in understanding and responding to security incidents with appropriate stakeholders.
• Be an advocate for IS& Medical Devices solutions and standards.
• Implement information security risk governance and control framework for the local organization that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security risk that provides early warning of potential failure to meet information security requirements.
• Directs and monitors due diligence of information security risk processes and results on an ongoing basis
• Identifies, evaluates the magnitude and documents information security risks in the portfolio and ensures necessary approvals are obtained.
• Oversees and manages portfolio of Information Risk Issues to ensure these are current, accurate and are supported by sound resolution plans or formal risk acceptance by business executive.
• Participate, facilitate and deliver training and awareness to promote Information Security within the assigned portfolio.
• Promoting centralized training and awareness opportunities to ensure participation from assigned group.
• Spreading awareness and knowledge of good Information Security practices in the general and specific local populations.
• Assist local organizations in developing and implementing their own unit or role specific Information Security training and awareness programs as appropriate.

Knowledge and Skills

• Strong understanding of cyber security trends and events
• Working knowledge of policies, standards and operating procedures in large organizations relating to information security risk
• Information Security certification e.g. CISSP, CISSLP, GIAC etc. is desired
• Strong analytical and multi-tasking skills, writing proficiency and visual design skills, problem solving and decision-making skills Highly developed communication skills, both verbal and written
• Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors, IT-business personnel
• Excellent verbal and written communication skills.
• Advanced knowledge in information security principles, including risk assessment and management, threat and vulnerability management, and identity and access management.
• Advancement of security governance knowledge including but not limited to security control relationships and correlation of accumulative/inherent risks related to mitigation, noncompliance and/or risk acceptance.
• Ability to exercise sound judgment in complex situations.
• Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
• Ability to work well under minimal supervision.

A Career That Matters

Baxter’s employees are united in a mission to save and sustain lives. We are passionate about applying scientific innovation to meet the needs of the millions of people worldwide who depend on our medically necessary therapies and technologies. We focus on increasing access to healthcare, innovating in crucial areas of unmet need, and pursuing creative collaborations that bring our mission to life for patients every day


Equal Employment Opportunity

Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.

EEO is the Law
EEO is the law - Poster Supplement
Pay Transparency Policy

Reasonable Accommodations
Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please send an e-mail to Americas_TTA@baxter.com and let us know the nature of your request along with your contact information.

Apply Now    
Link for schema