Job Description :
Position::      Business Analyst III with IT Security, Risk management and Product Security experience

Location::     Deerfield IL

Contract Duration::12+Months


Global IT Security - Business Information Security Officer Analyst - Product Security 


Job Description 
The Business Information Security Officer (BISO) Analyst is a functional security analyst role within Global IT Security. The primary purpose of this position is analyst support for cybersecurity risks related to Client products. The individual in this position interacts with IT Security, Product Security, Design Engineering, and service providers, key stakeholders, personnel from various functions — including the application development, operations and network, and privacy teams — and with business departments. 

Roles and Responsibilities 
This is a functional role within Global IT Security, providing support for product security activities across global business units, R&D, and IT Security. 

Responsible for working closely with the product security team and sometimes in the applicable R&D product team environment 
Provide analysis and trending of product security risk associated with medical devices 
Provide support to product teams related to customer agreements, inquiries, and various other requests for assistance related to cybersecurity 
Provide threat and vulnerability analysis as well as security advisory services, and risk assessments 
Provide analysis of the impacts to Client based on any regulatory or customer requirement changes 
Integrate and share information with security operations team 
Present product security program and project status to management and escalate issues as needed 
Establish and maintain capabilities to track progress, identify issues, and overcome obstacles 
Play an active role to support cyber security awareness initiatives 
Work closely with stakeholders to ensure product security risks and are identified, assessed & reported; appropriate controls are in place and local procedures & activities comply with Baxter policies, standards operating procedures, industry best practices and regulatory requirements 
Provide Information security requirements, advice and counsel to portfolio personnel, project teams, and the Business ensuring alignment to information security processes and solutions 
Evaluate and assess emerging security threats and vulnerabilities in portfolios and work with portfolio personnel to identify appropriate controls 
Oversee and manage portfolio of Information Risk Issues to ensure these are current, accurate and are supported by sound resolution plans or formal risk acceptance by business executives 

Qualifications/Experience 
5-6 years of experience in Cybersecurity and 2-3 years of business facing roles/consultancy 
Strong understanding of cyber security trends and events 
Working knowledge of policies, standards and operating procedures in large organizations relating to information security risk 
Information Security certification e.g. CISSP, CISSLP, GIAC etc. is desired 
Strong analytical and multi-tasking skills, writing proficiency and visual design skills, problem solving and decision-making skills Highly developed communication skills, both verbal and written 
Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors, IT-business personnel 
Excellent verbal and written communication skills. 
Advanced knowledge in information security principles, including risk assessment and management, threat and vulnerability management, and identity and access management. 
Advancement of security governance knowledge including but not limited to security control relationships and correlation of accumulative/inherent risks related to mitigation, noncompliance and/or risk acceptance. 
Ability to exercise sound judgment in complex situations. 
Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships. 
Ability to work well under minimal supervision