Software Developer V
Listed on 2026-06-06
IT/Tech
Cybersecurity
The Technical Leader for the Product Cybersecurity Program and Product Security Incident Response Team (PSIRT) provides leadership for medical device cybersecurity across Bio‑Rad’s Clinical Diagnostics portfolio. This role owns the strategy, governance, and execution of the product cybersecurity program, ensuring compliance with FDA cybersecurity requirements and global standards while driving program maturity across the organization and product lifecycle. This position serves as the authoritative technical leader for product cybersecurity, accountable for vulnerability management, incident response, regulatory alignment, and cross‑functional coordination.
The role operates at the program level, enabling and guiding product teams rather than replacing their functional ownership.
- Own and evolve the Product Cybersecurity Program, including PSIRT governance, operating model, decision authority, and escalation paths.
- Establish and maintain alignment with FDA medical device cybersecurity expectations, including premarket and post‑market requirements for vulnerability management, coordinated disclosure, and incident response.
- Define and maintain the cybersecurity framework aligned to NIST CSF 2.0, ISO 81001‑5‑1, ISO/IEC TS 27110, and ISO/IEC 27032, and ensure integration with Global IT security practices.
- Embed product cybersecurity requirements into the Global Quality Management System (QMS), including Design Controls, risk management, and change management.
- Lead the cross‑functional Cybersecurity Core Team, ensuring sustained engagement and prioritization across R&D, Software, Systems, QA/RA, Global Supply Chain (Manufacturing and Procurement), and Global Information Security.
- Provide clear expectations, guidance, and oversight to product teams for secure design, development, and maintenance, without assuming direct development ownership.
- Ensure cybersecurity considerations are integrated throughout the product lifecycle, from concept and design through post‑market support.
- Serve as the single point of accountability for product cybersecurity intake, triage, and prioritization.
- Oversee end‑to‑end vulnerability management, including risk assessment, remediation planning, regulatory timelines, and customer deployment.
- Lead technical coordination for cybersecurity incident investigations, containment, and remediation, ensuring timely and effective response to high‑severity issues.
- Guide product teams on mitigations, patches, and workarounds to ensure security and regulatory expectations are met.
- Ensure cybersecurity incidents and disclosures comply with FDA, international regulatory, and internal quality requirements.
- Oversee the development and approval of security advisories, customer notifications, and regulatory communications.
- Act as the technical authority in engagements with external security researchers, customers, regulators, and industry groups.
- Drive cybersecurity awareness and training for R&D, Support, and Quality teams to reinforce a security‑first culture.
- Define, track, and report program‑level cybersecurity and PSIRT performance metrics to leadership.
- Continuously improve program effectiveness based on metrics, lessons learned, and evolving regulatory expectations.
- Bachelor’s degree in Computer Science, Information Security, Engineering or a related field.
- 7+ years of experience in cybersecurity, including architecture design in a regulated environment (preferably FDA, healthcare, or medical devices).
- A systems thinker with deep expertise in medical device cybersecurity, including FDA premarket and post‑market cybersecurity requirements.
- Expert knowledge of NIST CSF 2.0, ISO 81001‑5‑1, ISO/IEC TS 27110, and ISO/IEC 27032.
- Proven ability to lead cross‑functional programs in complex, matrixed organizations.
- Strong technical judgment, communication skills, and executive presence.
- Demonstrated ability to build, mature, and scale cybersecurity programs across organizations.
- Preferred:
Master’s…