Senior Product Security Governance Lead

Posted:
8/23/2024, 9:52:10 AM

Location(s):
Lake Forest, California, United States ⋅ California, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Workplace Type:
Remote

At Alcon, we are driven by the meaningful work we do to help people see brilliantly. We innovate boldly, champion progress, and act with speed as the global leader in eye care. Here, you’ll be recognized for your commitment and contributions and see your career like never before. Together, we go above and beyond to make an impact in the lives of our patients and customers.

We foster an inclusive culture and are looking for diverse, talented people to join Alcon. We are looking for a Senior Product Security Governance Lead in Lake Forest, CA.

In this role, a typical day will include:

  • You will be responsible for developing, implementing, and maintaining robust security measures across all stages of our product development and post-launch process.

  • You will collaborate with cross-functional teams to integrate security best practices and ensure the protection of our products against potential threats.

  • Develop, implement, and enforce security best practices throughout the entire software development lifecycle (SDLC).

  • Help obtain different certifications for medical products.

  • Help in conducting security awareness training for development teams to enhance their understanding of security and privacy principles and practices.

  • Stay updated on the latest security trends, regulatory standards, vulnerabilities, and mitigation strategies.

  • Perform and/or support periodic table-top exercises as directed, and create or review final reports.

  • Write and/or review product security and privacy communications and/or update communications to internal stakeholders.

  • Summarize product risks for biannual stakeholder reports.

  • Interact with outside vendors, write/modify/convey host module requirements, and be able to identify and hold outside vendors accountable for their deliverables.

  • Help obtain certifications such as UL-2900 for Alcon products.

  • Update and develop product security processes for medical and non-medical devices.

  • Create training for product security processes for medical and non-medical devices.

  • Build Coordinated Vulnerability Management processes and program.

  • Build and develop common automated scripts and tools as applicable.

  • Be knowledgeable about the product security landscape.

  • Review and conduct gap assessment of different regulatory standards. Lead efforts to close the gaps in Alcon’s product security related standard procedures.

  • Build strong collaboration with cross-functional stakeholders and teams across the product development lifecycle.

  • Contribute to analyzing risks, assessing security gaps, and recommending state-of-the-art solutions.

  • Provide accurate documentation of metrics, KPIs, and security process results for management and stakeholders.

  • Work closely with the Lake Forest Product Security and Software teams and stakeholders, both on-shore and off-shore, to coordinate QA oversight of software development activities and associated deliverables.

  • Support audits, regulatory, and other compliance activities by coordinating efforts to provide requested information and supporting documentation as required for changes in regulatory requirements.

  • Communicate with customers and stakeholders concerning discovered vulnerabilities.

  • Support incident response processes and PSIRT as required in addressing identified incidents.

  • Work closely with the Product Security team to support product security activities and associated deliverables.

Experience

  • BS in Computer Engineering, Information Security, or other related discipline with 5 years’ experience; or 8 years of relevant experience.

  • Solid understanding of Software Development Lifecycle Management (SDLC) – (Agile/Scrum, iterative)

  • Proven experience in a Product Security field or in a similar role. 

  • Ability to coordinate and balance activities between multiple associates

  • Ability to work independently, proactively identify issues, recommend, and implement solutions, and deliver quality results on schedule while managing multiple tasks and internal customers.

  • Good interpersonal and communication skills to build positive departmental and inter-departmental relationships in a virtual, remote, and asynchronous environment.

  • Prior experience with medical device software and data integrity

  • Understanding of FDA/ISO regulations related to medical device software.

  • Strong understanding of secure coding principles, encryption, and authentication protocols 

  • Familiarity with industry standards and frameworks such as OWASP, NIST, UL-2900 and ISO 27001.

  • Excellent communication and collaboration skills.

  • Knowledge of the use of the following types of tools: SAST, DAST, SBOM, network forensics tools, fuzzing, standard penetration testing, governance tools.

  • Knowledge of cybersecurity concepts.

  • Experience with certifications such as UL-2900

  • Understanding of Windows OS services, processes, driver and registry configurations, and analysis techniques is a plus

  • Fluent English; excellent verbal and written communication skills

What You'll Bring to Alcon:

  • Bachelor’s degree or equivalent years of directly related experience (or high school +13 yrs; Assoc. +9 yrs; M.S. +2 yrs; PhD +0 yrs)

  • The ability to fluently read, write, understand, and communicate in English

  • 5 Years of Relevant Experience

How You Can Thrive at Alcon:

  • Join Alcon’s mission to provide outstanding, innovative products and solutions to improve sight, improve lives, and grow your career!

  • Alcon provides a robust benefits package including health, life, retirement, flexible time off, and much more!

  • Travel Requirements: 5-10%

  • Relocation assistance: no

  • Sponsorship available: yes    

Alcon Careers

See your impact at alcon.com/careers

    Total Rewards

    Alcon’s Total Rewards programs are designed to align incentives with business goals, encourage the right values and behaviors, and deliver long-term value. The first layer of our rewards program is compensation. We offer a combination of fixed pay and variable pay, which includes short-term incentives and long-term incentives for the eligible population. Our benefits program provides security for life events through life and disability insurance, supports savings for retirement, promotes good health and well-being, and supports associates and their families during times of illness.

      

    Pay Range

    $108,880.00 - $163,320.00

      

    Pay Frequency

    Annual

      

    Alcon is an Equal Opportunity Employer and participates in E-Verify. Alcon takes pride in maintaining a diverse environment and our policies are not to discriminate in recruitment, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, gender identity, marital or veteran status, disability, or any other legally protected status. Alcon is also committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please send an email to [email protected] and let us know the nature of your request and your contact information.