Sr. Director, Product Security

Abbott


Job Location:

Saint Paul, MN - USA

Monthly Salary: $ 190000 - 380000
Posted on: 11 hours ago
Vacancies: 1 Vacancy

Job Summary

Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 115,000 colleagues serve people in more than 160 countries.

JOB DESCRIPTION:

WORKING AT ABBOTT:

At Abbott, you can do work that matters, grow and learn, care for yourself and family, be your true self and live a full life. You'll also have access to:

  • Career development with an international company where you can grow the career you dream of
  • Free medical coverage for employees* via the Health Investment Plan (HIP) PPO
  • An excellent retirement savings plan with high employer contribution
  • Tuition reimbursement, the Freedom 2 Save student debt program and FreeU education benefit - an affordable and convenient path to getting a bachelor's degree
  • A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune
  • A company that is recognized as one of the best big companies to work for, as well as a best place to work for diversity, working mothers, female executives and scientists

THE OPPORTUNITY:

The Sr. Director, Product Security is responsible for establishing and scaling a comprehensive product security program that ensures the security, safety and regulatory compliance of all products across their lifecycle. This role drives the integration of security into engineering, R&D and product development processes, enabling teams to deliver secure-by-design solutions. The leader partners across divisions to standardize practices, manage risk and ensure readiness for audits, certifications and emerging regulatory requirements. Additionally, this role oversees incident preparedness and response capabilities to protect patients, customers and business operations. The position plays a critical role in enabling innovation while maintaining strong governance and trust.

This role requires a strong on-site presence to effectively support engineering, R&D and product teams in the integration of product security practices throughout the development lifecycle. The Sr. Director is expected to be onsite a minimum of four days per week to enable close collaboration, drive alignment and provide timely guidance on security, regulatory and risk-related matters. Given the need for consistent engagement with cross-functional stakeholders and leadership, candidates must reside within the local Twin Cities area or be able to meet this expectation.

MAIN RESPONSIBILITIES

Strategy, Governance & Risk

  • Define and execute the enterprise product security strategy aligned with regulatory, business and risk objectives.

  • Establish and maintain product security governance frameworks, including policies, standards and controls.

  • Own product security risk management, including risk identification, prioritization and mitigation across the portfolio.

  • Lead development and adoption of secure-by-design and secure SDLC practices across engineering teams. security vulnerabilities customer site and equipment protection data loss/breach and advanced persistent threat.

  • Lead long-term security capability development, including cryptographic modernization and resilience against emerging threats such as post-quantum computing.

Product Security Engineering Enablement

  • Partner with Engineering and R&D leaders to embed security into product development lifecycles.

  • Enable engineering teams through security tooling, automation and developer-centric security guidance.

  • Oversee and provide governance and guidance for vulnerability management and remediation activities across products and platforms.

Regulatory, Audit & Quality

  • Ensure alignment with FDA, EU MDR and other global applicable medical device cybersecurity regulations.

  • Lead audit readiness and certification activities (e.g. ISO 13485, ISO 27001, IEC 62304, etc.).

  • Partner with Quality and Regulatory teams to integrate product security into QMS processes.

  • Define, track and report security KPIs and metrics for internal reporting and regulatory evidence.

Cross-Functional Leadership

  • Drive cross-division collaboration to standardize product security practices across business units.

  • Serve as a strategic advisor to executive leadership, legal, regulatory and product teams on security risk.

  • Influence product and business decisions to ensure appropriate security risk posture.

Culture & Executive Leadership

  • Shape and promote a strong product security culture across engineering, R&D and product organizations.

  • Build, lead and develop a high-performing product security organization, including hiring, mentoring and succession planning.

  • Represent the organization in internal and external forums, including leadership reviews, regulatory discussions and industry engagements.

Undertake additional responsibilities as required to support evolving business and security priorities.

Required Qualifications

Education

  • Bachelor's Degree (16 years)

  • Information Security, Risk or IT Management, Computer Science or related field

  • An equivalent combination of education and work experience

  • Minimum 12 years of work experience

  • Experience working in a product engineering support or Product/ Information security is required

  • Deep expertise in product security, including application to medical devices and connected systems, with strong understanding of threat modeling, vulnerabilities and patient/customer risk in a regulated environment.

  • Demonstrated knowledge of FDA cybersecurity guidance (premarket and postmarket) and its application to product development, risk management and lifecycle maintenance.

  • Experience with medical device and software lifecycle standards, including IEC 62304, ISO 14971 and ISO 13485, with the ability to integrate security into quality and regulatory processes.

  • Familiarity with global cybersecurity and privacy frameworks such as NIST Cybersecurity Framework, NIST SSDF, ISO 27001, HIPAA/HITECH and applicable EU regulations.

  • Experience leading product security programs across the full lifecycle, including secure design, development, vulnerability management, postmarket monitoring and incident response.

  • Proven ability to operate at a senior leadership level, influencing executive stakeholders and driving alignment across engineering, R&D, quality, regulatory and business teams.

  • Experience with software supply chain security practices, including SBOM, third-party risk management and open-source security.

  • Strong understanding of modern security architectures and technologies, including cryptography, identity and access management, and secure communications (knowledge of emerging areas such as crypto agility and post-quantum considerations preferred).

  • Track record of building, leading and developing high-performing teams in complex, matrixed organizations.

  • Exceptional analytical, communication and decision-making skills, with the ability to translate complex security risks into business-relevant outcomes.

The base pay for this position is $190000.00 - $380000.00. In specific locations, the pay range may vary from the range posted.

JOB FAMILY:

Information Risk & Quality Assurance

DIVISION:

BTS Business Technology Services

LOCATION:

United States > Minnesota > St. Paul > Tech Center : One St Jude Medical Drive

ADDITIONAL LOCATIONS:

WORK SHIFT:

Standard

TRAVEL:

Yes 15 % of the Time

MEDICAL SURVEILLANCE:

Not Applicable

SIGNIFICANT WORK ACTIVITIES:

Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)

Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.

Experience:

Exec
