What are the responsibilities and job description for the VP, Product Cybersecurity position at Rapiscan Systems?
Overview
OSI Systems and its subsidiaries is a vertically integrated provider of specialized electronic systems and for components that meet the critical needs in the homeland security, healthcare, defense, and aerospace industries. As a global company, we are dedicated to developing solutions for our customers and the people they serve to lead the way to a safer and healthier world.
OSI Systems is seeking a VP, Product Cybersecurity. This individual will oversee cybersecurity for products and services across OSI Systems, its subsidiaries, and R&D labs around the world. They will coordinate common security practices and compliance activities, driving the adoption of a product security framework designed to address cybersecurity during all stages of the product life cycle. This candidate must be an evangelist for product security, raising awareness and educating product stakeholders on the need for building security into products at the design stage. They will report to the Chief Information Officer (CIO) and manage the overall product cybersecurity program, associated certifications across business unit product lines, and coordinate software/platform compliance with software development teams globally. They must also have in-depth knowledge of the threat landscape and state-of-the-art security measures to ensure company products are well secured to reduce the probability of hackers exploiting vulnerabilities within our products and services.
Responsibilities
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location and date of hire. Please note that the salary information shown above is a general guideline only. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.
NOTICE TO THIRD PARTY AGENCIES
OSI Systems, Inc. and its subsidiaries (collectively “OSI”) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.
Equal Opportunity Employer - Disability and Veterans
Know Your Rights
Poster Link
https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf
OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.
OSI Systems and its subsidiaries is a vertically integrated provider of specialized electronic systems and for components that meet the critical needs in the homeland security, healthcare, defense, and aerospace industries. As a global company, we are dedicated to developing solutions for our customers and the people they serve to lead the way to a safer and healthier world.
OSI Systems is seeking a VP, Product Cybersecurity. This individual will oversee cybersecurity for products and services across OSI Systems, its subsidiaries, and R&D labs around the world. They will coordinate common security practices and compliance activities, driving the adoption of a product security framework designed to address cybersecurity during all stages of the product life cycle. This candidate must be an evangelist for product security, raising awareness and educating product stakeholders on the need for building security into products at the design stage. They will report to the Chief Information Officer (CIO) and manage the overall product cybersecurity program, associated certifications across business unit product lines, and coordinate software/platform compliance with software development teams globally. They must also have in-depth knowledge of the threat landscape and state-of-the-art security measures to ensure company products are well secured to reduce the probability of hackers exploiting vulnerabilities within our products and services.
Responsibilities
- Serve as the principal advisor to business units on matters involving cybersecurity for products and services.
- Collaboratively perform the role of Product Cybersecurity Officer for OSI Systems, Inc. and all its subsidiaries.
- Create and communicate a clear and compelling vision for product cybersecurity strategy, balancing cost and risk.
- Ensure product teams meet all product security objectives and compliance requirements for product design, development, service, and fabrication.
- Lead a community of Information Security Officers (ISOs) across OSI Systems, Inc., driving a common product security framework based on NIST 800-53, 800-171 standards, and cyber best practices.
- Conduct regular audits to track progress of product hardening and vulnerability remediation.
- Manage and provide a shared services test environment to support a standardized framework for product cybersecurity testing.
- Approve all Product Security Design (PSD) packages, gap analysis, and Security Analysis Reports.
- Provide oversight and approval of customer and public product security communications.
- Act as the company-wide focal point for product security incident reporting and subsequent coordination of remediation actions.
- Advise executive leadership and the board on product cyber risk and ensure work is underway to address critical items.
- Uphold the company’s core values of Integrity, Innovation, Accountability, and Teamwork.
- Demonstrate behavior consistent with the company’s Code of Ethics and Conduct.
- It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem.
- Duties may be modified or assigned at any time to meet the needs of the business.
- Bachelor’s degree in engineering or computer science or equivalent experience required.
- Minimum of 10 years of experience in Information Security needed.
- Must have experience implementing NIST 800-53 and 800-171 or ISO 27001 security frameworks.
- Previous experience working as an Information Security Officer (ISO), CISO, or Product Security Officer preferred.
- Must have experience developing and managing security programs for multiple product lines using cross-functional teams.
- Must have ability to communicate effectively across varying organizational levels, including executive management.
- Must have ability to drive a common product security framework across global product portfolios.
- May require domestic and global travel; must be able to acquire all necessary travel documents.
- Must be able to work with global product design teams across multiple time zones to meet business needs.
- Experience developing software for medical devices strongly preferred.
- Experience with global, distributed team software development is essential.
- Must be capable of obtaining a security clearance.
- Recognized certifications, such as CISSP, CISA, CISM strongly desired.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location and date of hire. Please note that the salary information shown above is a general guideline only. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.
NOTICE TO THIRD PARTY AGENCIES
OSI Systems, Inc. and its subsidiaries (collectively “OSI”) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.
Equal Opportunity Employer - Disability and Veterans
Know Your Rights
Poster Link
https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf
OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.