Job Description Overview At Spacelabs Healthcare, we are on a mission to provide continuous innovation in healthcare technology for better clinical and economic outcomes. Our scalable solutions deliver critical patient data across local and remote systems, enable better-informed decisions, increase efficiencies, and create a safer environment for patients. Why work at Spacelabs? Because lives depend on you! The Senior Director of Information and Product Security is responsible for overseeing Spacelabs' comprehensive and enterprise-wide information security management program, including information security, security of our IT applications and technology, and medical device product cybersecurity. The Senior Director of Information and Product Security shall assess risks and vulnerabilities to establish and maintain necessary operational controls, physical protections, and secure technology to protect the company's information and technology, based upon industry-accepted information security and risk management standards and in compliance with local, federal, and international regulations and laws. The Senior Director of Information and Product Security is also responsible for overseeing product security for Spacelabs' software and hardware products and systems that are used by our healthcare customers. He or she shall manage a team of security professionals and work with other company functions to support pre- and post-market medical product design, development, and maintenance. This position can be onsite, hybrid, or remote. Responsibilities Develop and implement a comprehensive information security strategy Assess and mitigate information and technological vulnerabilities and risks Surveil and identify emerging security threats and trends that may impact the organization and its products and systems Maintain security risk management plans and vulnerability assessments to identify and address security weaknesses and threats Identify and assess data use, storage, and process flows to ensure adequate protection and controls ("Adequate Security") Collaborate and align Security Strategy with Corporate Information Security Implement administrative, physical, and technical controls necessary to ensure Adequate Security and regulatory compliance Establish and maintain information security policies and procedures Identify, arrange, prepare, and perform staff training and refresher training Implement and manage security technologies, such as firewalls, intrusion detection, encryption, etc. Report on system performance to management, including internal audits, corrective action, performance towards objectives, response to issues and concerns, driving improvements, etc. Provide direction for company privacy and security Design Control, Risk Management, and Post-market Surveillance processes, activities, and outputs Represent privacy and security interests and provide guidance as a member of company cross-functional design teams Conduct regular risk assessments and vulnerability tests to identify potential security threats and develop strategies to mitigate them Stay up to date with the latest industry trends, threats, and technologies to ensure that the organization's IT security measures are current and effective Collaborate with other departments to ensure that security requirements are integrated into the design and implementation of new systems and technologies Develop and maintain incident reporting and response plans to ensure preparedness for security incidents and breaches Direct and lead investigations of security incidents, breaches, and alleged vulnerabilities Lead efforts to contain, recover, and remediate from breaches, incidents, and near-misses Evaluate and perform breach reporting Drive product corrective actions, field corrective actions, and customer notifications when necessary to address security v