Product Security Manager, Threat Research

at  BD

JOB DESCRIPTION SUMMARY

Becton Dickinson is seeking a highly skilled and experienced Product Security Manager, Threat Research to lead and continue to build and enhance our cybersecurity threat intelligence team. The successful candidate will play a crucial role in securing our extensive range of medical devices and systems against cyber threats. This position requires a dynamic leader with a deep understanding of threat hunting, threat research, and cybersecurity vulnerabilities specific to the healthcare industry.

ABOUT THE ROLE:

In this role, you will lead a specialised team dedicated to proactive threat research, analysing emerging cyber threats, and testing and identifying potential vulnerabilities in our deployed devices. You will be instrumental maintaining an up-to-date threat intelligence framework that informs our security strategies and response plans. You will perform and oversee regular vulnerability scanning to support our comprehensive post-market vulnerability process.
Post-market, you will oversee the continuous monitoring and management of vulnerabilities in our healthcare devices, coordinating closely with product development, engineering, and support teams to ensure timely and effective remediation. You will work within our established vulnerability disclosure program, fostering collaboration with external researchers and stakeholders to enhance our security posture.

MAIN RESPONSIBILITIES WILL INCLUDE:

• Evolve and enhance our continuous monitoring and analysis of threat intelligence sources to identify potential security risks proactively.
• Maintain detailed records of threat research activities, vulnerability assessments, and incident responses.
• Oversee the identification, assessment, and mitigation of vulnerabilities in BD products and infrastructure.
• Perform risk assessments to evaluate the potential impact of vulnerabilities and prioritise remediation efforts.
• Coordinate with Product Security Officers, development, engineering, and support teams to resolve identified vulnerabilities promptly.
• Ensure all post-market vulnerability management practices comply with relevant regulatory requirements and industry standards (e.g., FDA, ISO/IEC 27001).
• Foster strong relationships with internal R&D teams, external partners, and industry organisations to stay informed about the latest cybersecurity trends and developments.
• Provide expert guidance and support to cross-functional teams on security best practices and vulnerability management.
• Produce regular reports on the status of post-market vulnerability management efforts and key performance metrics.
• Ensure the continuous improvement of threat intelligence processes, tools, and technologies.
• Establish performance metrics, baseline team activity and work to continuously improve operations.
• Cultivate strong team unity and ensure alignment with organisational goals through effective communication, motivation, and leadership.
• May perform other duties as required.