VP, Product Cybersecurity

VP, Product Cybersecurity Hawthorne, CA Job Details Full-time 1 day ago Benefits Paid jury duty Health savings account AD&D insurance Employee stock purchase plan Disability insurance Health insurance 401(k) Paid time off Life insurance Qualifications System hardening Certified Information Systems Auditor Computer science Computer Science ISO standards Engineering CISSP Gap analysis CISM Information security compliance Training employees on security practices Bachelor's degree in engineering Bachelor's degree NIST standards Software development Vulnerability management Senior level Training Cross-functional collaboration Bachelor's degree in computer science Cross-functional team management Information security auditing Cross-functional communication Senior leadership 10 years Performance evaluation

Full Job Description Overview:

OSI Systems and its subsidiaries is a vertically integrated provider of specialized electronic systems and for components that meet the critical needs in the homeland security, healthcare, defense, and aerospace industries. As a global company, we are dedicated to developing solutions for our customers and the people they serve to lead the way to a safer and healthier world. OSI Systems is seeking a VP, Product Cybersecurity. This individual will oversee cybersecurity for products and services across OSI Systems, its subsidiaries, and R D labs around the world. They will coordinate common security practices and compliance activities, driving the adoption of a product security framework designed to address cybersecurity during all stages of the product life cycle. This candidate must be an evangelist for product security, raising awareness and educating product stakeholders on the need for building security into products at the design stage. They will report to the Chief Information Officer (CIO) and manage the overall product cybersecurity program, associated certifications across business unit product lines, and coordinate software/platform compliance with software development teams globally. They must also have in-depth knowledge of the threat landscape and state-of-the-art security measures to ensure company products are well secured to reduce the probability of hackers exploiting vulnerabilities within our products and services.

Responsibilities:

Serve as the principal advisor to business units on matters involving cybersecurity for products and services. Collaboratively perform the role of Product Cybersecurity Officer for OSI Systems, Inc. and all its subsidiaries. Create and communicate a clear and compelling vision for product cybersecurity strategy, balancing cost and risk. Ensure product teams meet all product security objectives and compliance requirements for product design, development, service, and fabrication. Lead a community of Information Security Officers (ISOs) across OSI Systems, Inc., driving a common product security framework based on

NIST 800-53, 800-171

standards, and cyber best practices. Conduct regular audits to track progress of product hardening and vulnerability remediation. Manage and provide a shared services test environment to support a standardized framework for product cybersecurity testing. Approve all Product Security Design (PSD) packages, gap analysis, and Security Analysis Reports. Provide oversight and approval of customer and public product security communications. Act as the company-wide focal point for product security incident reporting and subsequent coordination of remediation actions. Advise executive leadership and the board on product cyber risk and ensure work is underway to address critical items. Uphold the company's core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the company's Code of Ethics and Conduct. Ensure that direct report(s) are trained and evaluated on their knowledge and adherence to the company's values, Code of Ethics and Conduct, and applicable compliance policies. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business.

Qualifications:

Bachelor's degree in engineering or computer science or equivalent experience required. Minimum of 10 years of experience in Information Security needed. Must have experience implementing NIST 800-53 and 800-171 or

ISO 27001

security frameworks. Previous experience working as an Information Security Officer (ISO), CISO, or Product Security Officer preferred. Must have experience developing and managing security programs for multiple product lines using cross-functional teams. Must have ability to communicate effectively across varying organizational levels, including executive management. Must have ability to drive a common product security framework across global product portfolios. May require domestic and global travel; must be able to acquire all necessary travel documents. Must be able to work with global product design teams across multiple time zones to meet business needs. Experience developing software for medical devices strongly preferred. Experience with global, distributed team software development is essential. Must be capable of obtaining a security clearance. Recognized certifications, such as

CISSP, CISA, CISM

strongly desired. #LI-DB1 Please review our benefits here: Life at OSI The pay range above represents annual base salary only. Final compensation will be determined based on factors such as your job level, geographic location, date of hire, experience, job-related knowledge and skills, and education in conjunction with market and business considerations. Base salary is one component of your total rewards package. You may be eligible for long-term incentives, potential discretionary bonuses, and the ability to purchase company stock at a discounted rate through the Employee Stock Purchase Program (ESPP). OSI also offers comprehensive benefits including various options for health plans, access to 401(k) retirement plan, health savings account, disability insurance, life insurance, AD&D insurance, leave of absence programs and an array of voluntary benefits. In addition, paid time off is offered to be used for vacation, holidays, bereavement, and jury duty. Full-Time salaried employees are entitled to flexible time-off.

NOTICE TO THIRD PARTY AGENCIES OSI

Systems, Inc. and its subsidiaries (collectively "OSI") does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with

OSI, OSI

explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI. Equal Opportunity Employer -

Disability and Veterans Know Your Rights Poster Link:

https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf OSI Systems, Inc.

has three operating divisions:

(a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.