Director - Product Security

at LivaNova, USA Inc. in Chicago, Illinois, United States Job Description As a global medtech company, we are driven by our Vision of changing the trajectory of lives for a new day and our Mission to create ingenious solutions that ignite patient turnarounds. Our relentless commitment to patients and strong legacy of innovation in healthcare are the foundation of our future. If you're looking for a new chance, a new beginning, a new trajectory, LivaNova is where your talent can truly thrive. Join our talented team members worldwide to become a pioneer of tomorrow-because at LivaNova, we don't just treat conditions - we aspire to alter the course of lives.

Job Summary:

The Director of Product Security is a key leadership role responsible for the strategic vision, execution, and oversight of the company's product security program. This executive will lead a dedicated team to manage the cybersecurity posture of our medical device portfolio throughout its entire lifecycle, from design and development through post-market surveillance. The role is a direct response to a complex and evolving regulatory environment, including new requirements from the FDA, and is critical to ensuring patient safety, maintaining market access, and protecting the company's reputation and long-term business growth. The ideal candidate is a hands-on, visionary leader with deep technical knowledge, a strong understanding of medical device regulations, and exceptional communication skills to drive change across the organization and engage with external stakeholders. Houston, TX is the ideal location for this role, but this is open to Remote opportunities for well-qualified individuals.

Key Responsibilities:

Strategic Leadership & Program Management:

Define and execute a comprehensive product security strategy that aligns with business priorities, FDA/MDR/524B expectations, and Quality Management System (QMS) requirements. Build, lead, and mentor a high-performing team of product security professionals, fostering their technical and leadership skills. Manage and allocate human and financial resources to achieve strategic objectives. Secure Product Development Lifecycle (SDLC): Drive a "shift-left" security strategy, integrating security controls and best practices into all stages of the product lifecycle. Oversee a rigorous threat modeling program and lead cybersecurity risk assessments for all new and existing products. Champion DevSecOps principles and automate security controls and testing within CI/CD pipelines. Provide architectural guidance on secure design, including implementing security controls such as secure boot, firmware signing, and encryption.

Regulatory Compliance & Governance:

Ensure all required cybersecurity documentation, including risk assessments and SBOMs, is prepared and submitted for premarket applications (510(k), PMA). Manage the generation and maintenance of SBOMs and VEX (Vulnerability Exploitability eXchange) documents to ensure transparency and enable targeted, actionable risk management for regulators and customers. Act as the senior product security subject matter expert, representing the company during FDA and other international regulatory inspections.

Post-Market Surveillance & Incident Response:

Oversee the post-market surveillance program to continuously monitor field devices for emerging threats and vulnerabilities. Lead and manage the security incident response process, including coordinated vulnerability disclosure, containment, root cause analysis, and remediation. Develop and execute plans for communicating security updates and patches to customers and stakeholders.

Cross-Functional Collaboration & Stakeholder Engagement:

Partner with R D, Engineering, Quality, Regulatory Affairs, and Legal teams to embed security practices and ensure a comprehensive approach to product safety. Serve as the primary security consultant to the organization, articulating technical challenges and mitigation plans to senior management and external stakeholders in a clear, non-technical manner. Engage with customers, hospital IT/IS staff, and industry partners to translate technical requirements into business and clinical impact and build trust in the company's products. Oversee external communications regarding program and product vulnerabilities Develop and execute strategies for external presence and participation in industry... For full info follow application link. LivaNova values equality and celebrates diversity. We are committed to ensuring that our recruitment process is fair, transparent and free from unlawful discrimination. Our selection process is driven by the key demands/requirements for the role rather than bias or discrimination on the basis of a candidate's sex, gender identity, age, marital status, veteran status, non-job-related disability/handicap or medical condition, family status, sexual orientation, religion, color, ethnicity, race or any other legally protected classification. To view full details and how to apply, please login or create a Job Seeker account