Skip to main content

Sr IT Manager - Cybersecurity Vulnerability Management

Req # JR - 049824 Location Deerfield, Illinois, United States Job Category Information Technology Date posted 09/13/2021

This is where you save and sustain lives

At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You’ll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients. 

Baxter’s products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.

Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work. 

Join us at the intersection of saving and sustaining lives— where your purpose accelerates our mission. 

Sr. Manager, IT – Cybersecurity Vulnerability Management

Baxter International

Deerfield, IL (Workplace Flexibility is Available)

Critical Responsibilities

  • The Sr. Manager, IT Cyber Security Vulnerability Management Role leads a Global team responsible for continuously mapping the Cybersecurity Vulnerabilities within Baxter as it applies to Application, Container, API, Network and System vulnerabilities across traditional and cloud native architectures.

  • Architecting and managing adversary simulation campaigns and ensuring that all applicable controls required in the DevSecOps application security lifecycle are met. In this role they will be engaging stakeholders and managing processes to mitigate exposure by confirming that vulnerabilities have been resolved.

  • Leading role in ensuring that attacks are properly identified and prevented by the appropriate layers of the security stack.

  • Lead Penetration Testing Services. Develop and maintain strong partnerships with key system owners. Oversee the team responsible for prioritizing, scheduling and executing Internal and External Penetration Tests against systems and applications. Track findings and ensure that issues are remediated.

  • Facilitate improvements to prevention and detection capabilities for the Security Monitoring Team.

  • Lead Red Team Operations Services. Leverage industry standard and emerging frameworks, plan and lead a mix of internal and external engagements to find areas of improvement in prevention, detection and response capabilities. The scope will span Adversary Emulation, Purple Team and Red Team tools, infrastructure and processes.

  • Lead Vulnerability Management Services. Ensure that all assets in all environments are assessed for patch and configuration vulnerabilities. Monitor industry and vendor sources to track emerging risks and address within expected timeframes. Deliver clear, accurate, timely, and actionable reporting at the Enterprise and key stakeholder level by organization and region, and ensure that remediation is completed in alignment with organizational standards.

  • Lead the Enterprise DevSecOps Program. Ensure that the core requirements of the Secure System Development Lifecycle (SSDLC) are met at Enterprise scale across all in-scope applications. Assess the Enterprise Application Portfolio and software deployment processes, and leverage industry and organizational best practices to ensure consistent delivery of secure code in traditional, cloud and mobile environments. Provide Enterprise reporting that shows areas of risk relative to Applications, Containers and APIs and partner with stakeholders to ensure that this exposure remains within the risk tolerance of the organization.

Qualifications and Skills

  • 10+ years of IT experience with demonstrated effectiveness leading global operations teams

  • Strong track record of driving operational change, remediating patch and configuration vulnerabilities at scale

  • Demonstrated skill leveraging Cloud native capabilities to reduce security vulnerabilities

  • Strong knowledge of Code Security best practices

  • SDLC experience, including CI/CD tools and processes

  • Experience working with Agile Development Practices

  • Skilled in structuring and managing offensive cyber operations to meet a variety of organizational needs while ensuring consistent Enterprise reporting of risk to key stakeholders

  • Familiar with Enterprise IT processes for Asset, Configuration, Change, Incident and Problem Management

  • Bachelor's degree in IT Security, Computer Science, a related field with demonstrated experience and knowledge

  • Excellent English verbal and written communication skills

  • Industry certifications nice to have: CISSP, CISM, CEH, OSCP or related

Equal Employment Opportunity

Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.

EEO is the Law 
EEO is the law - Poster Supplement
Pay Transparency Policy

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the link here and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our Recruitment Fraud Notice.

049824

Join Our Talent Community

This website is owned and operated by Baxter Healthcare Corporation [One Baxter Parkway, Deerfield, IL 60015-4625] ("Baxter") acting as data controller for itself and on behalf of all of its affiliates and subsidiaries. By clicking on the “Subscribe” button I declare that I have read the Privacy Policy and consent to Baxter processing my personal data for the purposes of joining the Baxter Talent Community: to provide me via email with job offers in the area of my interests and to provide me information about Baxter. I am aware that I have the right to withdraw my consent by clicking the “Unsubscribe” option in the emails I receive from Baxter.

Select InterestsSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Information Technology, Deerfield, Illinois, United StatesRemove

    You have not recently viewed any jobs.

    You have not saved any jobs.

Back to Top