Principal Cybersecurity Engineer

Join to apply for the Principal Cybersecurity Engineer role at Baxter International Inc.

This is where your work makes a difference. At Baxter, our mission is to save and sustain lives. We foster a culture of courage, trust, and collaboration, and give employees the autonomy to grow and make an impact.

As a Principal Cybersecurity Engineer you will lead by example, mentor peers, and manage your own time while contributing to product security and compliance.

• Create technical documentation around the security of a product, including threat modeling, interface architecture, DPIAs, whitepapers, and manufacturer disclosure statements.
• Develop and maintain software bill of materials and static code analysis reports.
• Work collaboratively with product development teams to establish information‑security requirements, plans, and policies.
• Establish governance around vulnerability management in products.
• Assist in responses to and recovery from security breaches.
• Use tools (Tenable Nessus, Fortify, Coverity, etc.) to scan for and test possible product vulnerabilities.
• Stay ahead of industry zero‑day discoveries and react to assess products.
• Work with product teams on annual SOC2 and HiTrust audits.
• Investigate security breaches.
• Participate in project planning and scoping of security‑related deliverables.
• Assess third‑party and off‑the‑shelf components for secure use.

• Bachelor’s degree in Computer Science or a related field desired.
• 5+ years of secure software development life‑cycle experience.
• Solid understanding of application security throughout the software life‑cycle.
• Experience addressing OWASP Top 10 vulnerabilities.
• Experience developing or analyzing secure coding practices with technologies such as ASP.Net (C#), SQL Server, HTML, C++.
• Strong technical writing skills.
• Familiarity with privacy‑by‑design frameworks.
• Experience with threat‑modeling methodologies like STRIDE, DREAD, LINDDUN, or PASTA.
• Experience performing security risk assessments and communicating impacts.
• Experience analyzing and documenting possible vulnerabilities found during development.
• Familiarity with industry standards such as IEC TR 80001, NIST 800‑53, ISO​ IEC 27001 & 27002.
• Expertise in designing secure networks, systems, and application architectures.
• Certification such as CAP, CSSLP, or equivalent desired but not required.
• Attention to detail, critical thinking, and analytical abilities.
• Proven interpersonal and communication skills (verbal, written, presentation).

Baxter offers comprehensive compensation and benefits packages. Medical and dental coverage start on day one. Additional benefits include life, accident, and disability insurance, a 401(k) plan with company matching, flexible spending accounts, paid holidays, paid time off ranging from 20 to 35 days, parental leave, commuting benefits, an employee discount program, an employee assistance program, and childcare assistance.

Baxter is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status, or any other legally protected characteristic.

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the application or interview process, please let us know the nature of your request.

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents. To protect yourself, review our Recruitment Fraud Notice.

Mid‑Senior level

Full‑time

Information Technology