Cloud Penetration Tester

This is where you save and sustain lives

At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You'll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.

Baxter's products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.

Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.

Join us at the intersection of saving and sustaining lives- where your purpose accelerates our mission.

Your role at Baxter

Nothing changes if nothing changes, which is why Baxter is transforming our global IT function-into one that will strengthen partnerships and enable smarter, more efficient and connected business processes. In the dynamic healthcare industry, we need to be ready to face new challenges and opportunities. As we learn, we must be agile and innovative to reveal new ways of working. Technology and our digital capability will help create a more efficient and innovative ecosystem to enable our employees, customers and products to drive better outcomes for patients worldwide.

We are at the critical intersection where robust IT infrastructure and networking support meets the physicians, nurses and care givers who save and sustain lives. Together, we can build upon Baxter's rich heritage to advance the next generation of transformative healthcare innovations. Together, we can change how IT meets healthcare. Together, we are Baxter.

This is where technology fuels purpose-driven work. Where your purpose accelerates our mission.

You will be responsible for leading penetration testing and all activities involved for the Central Product Security and Privacy Organization. As part of this role, you will implement penetration testing and involve activities both manually and with tools, including but not limited to Burp Suite and Metasploit. An understanding of embedded systems and how penetration testing is completed for them as well as their connected applications is a requirement. You will be collaborating with all resources working in the lab (tools support, lab support) as well as product teams.

This role requires a strategic understanding of the business, customer/ patient needs, product technology and the purpose & values of Baxter to deliver on the group priorities. A deep understanding of the latest security standards, systems, protocols and security products is needed.

What you'll be doing

• Penetration testing for connected enterprise products, embedded products, and applications
• Reporting of critical metrics at an enterprise, GBU, and product level for penetration testing results
• Collaboration with Tools lead and Lab lead
• Installing and configuring penetration tools
• Proactively build, share, and read reports as part of the penetration testing activities
• Proactively identify new penetration tooling methods

What you'll bring

• Bachelor's degree in Computer Science required
• Minimum of one penetration testing (GPEN, CEH, GWAPT,) certification required
• 2+ years working with each of the following: AWS security, Conditional Access & MFA and Privileged access management
• Project management experience for full security system lifecycle and security tool upgrades, including business case development
• WEB, mobile and/or embedded IoT application penetration testing experience
• Network penetration testing experience and understand and safely use various open-source penetration testing tools; Experience with penetration testing methodologies and tools including security analysis, audits and reviews
• Binary analysis tools and debuggers (dnSpy, IDA Pro, Ghidra, Ildasm, ILSpy)
• Sound understanding of security technologies/techniques like Cryptography, Algorithms, Public key Infrastructure (PKI) Certificate Authority (CA), Hardware/embedded authentication, OAuth, 2-factor authentication
• Strong knowledge of secure software development lifecycle and practices
• Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Exposure to international privacy requirements & cross industry trends.

We understand compensation is an important factor as you consider the next step in your career. At Baxter, we are committed to equitable pay for all our employees, and we strive to be more transparent with our pay practices. To that end, this position has a base salary range of $68,000 to $156,000 plus an annual incentive bonus. The above range represents the expected base salary range for this position. The actual salary may vary based upon several factors including, but not limited to, relevant skills/experience, time in the role, business line, and geographic/office location.

#LI-VF

The successful candidate for this job may be required to verify that he or she has been vaccinated against COVID-19, subject to reasonable accommodations for individuals with medical conditions or religious beliefs that prevent vaccination, and in accordance with applicable law.

Equal Employment Opportunity

Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.

EEO is the Law

EEO is the law - Poster Supplement

Pay Transparency Policy

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the link here and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our Recruitment Fraud Notice.