Job Information
STERIS CORPORATION Manager, Product & Platform Cybersecurity Engineering in Mentor, Ohio
Manager, Product & Platform Cybersecurity Engineering
Req ID: 53422
Job Category: Engineering
Location: Mentor, OH, US, 44060
Workplace Type: Hybrid

At STERIS, we help our Customers create a healthier and safer world by providing innovative healthcare and life science product and service solutions around the globe.

Position Summary

The Manager, Product & Platform Cybersecurity Engineering leads the strategy, development, and implementation of a unified cybersecurity framework for medical devices, data-handling systems, and connected services across multiple business units. You will establish product security baselines, determine applicability of NIST SP 800-53 controls, and oversee a team responsible for control mapping, verification, and evidence generation throughout the software development life cycle. You will operationalize NIST CSF 2.0 and embed NIST SP 800-218 secure-by-design practices into engineering pipelines to elevate product security maturity and improve release quality.

You will partner closely with the Product Regulatory Cybersecurity and Quality/Regulatory teams to ensure compliance with healthcare and medtech premarket and postmarket requirements, including FD&C §524B and industry standards such as IEC 81001-5-1 and ISO/IEC 27001:2022.

You will serve as both a strategic leader and hands-on expert, translating cybersecurity risks into backlog priorities, guiding engineering teams through secure design and verification, advising leaders on practical risk remediation and compensating controls, and defining enterprise requirements for secure development infrastructure and product operations.

*This position is located onsite in Mentor, Ohio with the opportunity for a hybrid work schedule.
What You'll Do as a Manager, Product and Platform Cybersecurity Engineering

- Coordinate with the product development, implementation and CPE teams in the specification, development, verification, and deployment of security measures in new, currently marketed, and legacy products, which run Linux, Windows, or embedded operating systems.
- Propose solutions and define the technical direction for product security development efforts.
- Share responsibility for ensuring secure architecture designs.
- Own the development and execution of security plans and product security specifications for new and legacy products.
- Lead cybersecurity risk management activities, including threat modeling and vulnerability assessments.
- Work with the product team to perform vulnerability scans and assessments, and specify risk controls on software prior to release.
- Participate in design and code reviews to identify security-related issues and recommend design changes as appropriate.
- Coordinate with development teams in penetration and fuzz testing and third-party attestations of cyber devices.
- Implement secure code and server configuration practices within products and supporting infrastructure.
- Take responsibility for customer-facing product security documents such as MDS2 forms (Manufacturer Disclosure Statement for Medical Device Security) and medical device security labelling.
- Provide level 3 support on product security issues and questions that are escalated to Engineering.
- Facilitate product security incident response and coordinated vulnerability disclosure.
- Develop awareness of security concerns, share best engineering practices, and create/update procedures to ensure compliance.
- Continuously expand broader team knowledge and expertise in cybersecurity.

The Experience, Skills and Abilities Needed

Required:

- Bachelor's Degree in Software Engineering, Computer Engineering, Electrical Engineering or related technical degree required.
- 10+ y