**At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where 'Health for all Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice.** **Radiology Cloud Cybersecurity Engineering Lead** **Radiology Cloud Platform Cybersecurity Lead – Residence** **PURPOSE** The Radiology Cloud Platform Cybersecurity Lead supports the cybersecurity strategy for Radiology, specifically focusing on Radiology Internal/External Cloud Platforms, Cloud Applications, and AI/ML Applications. This position is responsible for driving the strategy and evolution of Bayer’s program focused on the premarket and post-market protection of Bayer Injector Cloud Platforms, Cloud Applications, and AI/ML Applications . This position is expected to lead Radiology Cloud Platform Engineering initiatives and responsible for cybersecurity throughout the total product lifecycle for Radiology Cloud Platforms, Cloud Applications, and AI/ML Applications. **YOUR TASKS AND RESPONSIBILITIES** + Lead Radiology Cloud Cybersecurity Engineering initiatives ensuring cybersecurity throughout the total lifecycle for Radiology Cloud Platforms, Cloud Applications, and AI/ML Applications; + Build, create, and execute appropriate product security strategies cascading division and global requirements for Radiology Cloud Platforms, Cloud Applications, and AI/ML Applications; + Develop , socialize, and drive program initiatives related to cloud platform cybersecurity; + Direct continuous monitoring of threat landscape and determine exact impact of threats and incidents to Bayer Radiology Cloud Platforms; + Externally represent Bayer and respective business unit as an evangelist and leader of Product Trust and Security for Radiology Cloud Platforms; + Evangelize and ensure success of product security strategy in Radiology; + Be able to technically contribute, and maintain appropriate acumen in Radiology business efforts; + Embed and engrain product security strategy into efforts in the supported product group; + Support Radiology quality, risk management, regulatory, legal, and commercial teams with pre-market and post-market consultation when applicable subject matter expertise is required; + Lead and manage the Radiology Cloud Platform vulnerability management and cybersecurity response including support of necessary policies, tools, and development of approved communications in response to security incidents; + Lead and manage the effort for Radiology cloud platform cybersecurity certification and partnership with third-party assessment organizations, e.g., HITRUST, ISO; + Lead and manage the benchmarking effort to enable objective measurement of the performance of the Bayer Radiology Cloud Platform function and develop metrics that support communicating this performance with various stakeholders across the organization; + Maintain current understanding continuously changing applicable global cybersecurity regulations and standards and communicate impact, including necessary adaptions and actions to be taken to key stakeholders within the Radiology organization to address opportunities or threats; + Serve as a company liaison to industry trade associations. Review and suggest possible organization adaptation to new or proposed regulations and legislations. **WHO YOU ARE** Bayer seeks an incumbent who possesses the following: **REQUIRED QUALIFICATIONS** + Bachelor Degree in Cybersecurity Engineering, Computer Science, IT, or related field; + Significant experience with product development with a background and focus and several years of experience around regulated health IT software, SaMD, and digital medical services; + Multiple years of experience specifically focusing on product cyber-security; + Experience and practical knowledge around various cyber standards - HIPAA, ISO 27001/2, NIST Cyber Framework; + Experience and ability to lead teams of teams and organizations of over 10+ individuals; + Solid experience with identifying, measuring, and reporting performance metrics in a form that is easily consumable by senior Leadership; + Excellent communication skills with all levels within the organization and with external stakeholders; + Demonstrated skill for independent analysis and synthesis of solutions to complex problems exhibiting creativity, foresight, innovation, and judgement; + Excellent oral, written, and listening skills; + Excellent persuasion and consensus building with ability to work in cross-functional teams. **PREFERRED QUALIFICATIONS** + Master’s Degree; + 10+ years' experience with product development with a background and focus in at least 5 of those years around regulated health IT software, SaMD, and digital medical services; + 5+ years specific focus on product cyber-security; + FDA-regulated medical device product and/or Software as a Medical Device (SaMD)development experience or similar applicable experience developing regulated products; + CISSP, HCISSP, and/or other relevant certifications; + Familiarity around device standards AMI TIR57/97, UL2900, IEC80001, FDA/EU Pre/Post Market Cyber guidance and 510(k) /BSI document submission; + Experience with threat modeling, vulnerability analysis, security risk analyses, and security assessments; + Experience with Secure Software Development Lifecycle (SSDLC); + Experience with Secure Application Development; + Experience with cloud platform security configuration in GCP, AWS, and/or Azure; + Experience with vulnerability testing, vulnerability scanning, and associated tools (Wireshark, Metasploit, Nessus, etc.) ; + Experience with cybersecurity incident response and investigations; + Experience with security by design and developing and reviewing security architectures; + Experience developing cybersecurity policies and procedures. Employees can expect to be paid a salary between $_____ to $_____. Additional compensation may include a bonus or commission (if relevant). Additional benefits include health care, vision, dental, retirement, PTO, sick leave, etc.. This salary range is merely an estimate and may vary based on an applicant’s location, market data/ranges, an applicant’s skills and prior relevant experience, certain degrees and certifications, and other relevant factors. This posting will be available for application until at least 3-3-2025. **YOUR APPLICATION** Bayer offers a wide variety of competitive compensation and benefits programs. If you meet the requirements of this unique opportunity, and want to impact our mission Science for a better life, we encourage you to apply now. Be part of something bigger. Be you. Be Bayer. To all recruitment agencies: Bayer does not accept unsolicited third party resumes. Bayer is an Equal Opportunity Employer/Disabled/Veterans Bayer is committed to providing access and reasonable accommodations in its application process for individuals with disabilities and encourages applicants with disabilities to request any needed accommodation(s) using the contact information below. Bayer is an E-Verify Employer. **It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.** **Location:** United States : Residence Based : Residence Based **Division:** Pharmaceuticals **Reference Code:** 838902 **Contact Us** **Email:** hrop_usa@bayer.com **Job Segment:** Cyber Security, Medical Device Engineer, Cloud, Testing, Radiology, Security, Engineering, Technology, Healthcare