Product Security Engineer

As a Product Security Engineer (f/m/d) specializing in Pharmacy Automation, you will play a crucial role in safeguarding the security of our innovative pharmacy automation solutions. You will be responsible for integrating security throughout the product development lifecycle, ensuring our systems are robust against cyber threats and compliant with relevant regulations, ultimately protecting patient safety and data integrity.

We are the makers of possible

BD is one of the largest global medical technology companies in the world. Advancing the world of health is our Purpose, and it's no small feat. It takes the imagination and passion of all of us—from design and engineering to the manufacturing and marketing of our billions of MedTech products per year—to look at the impossible and find transformative solutions that turn dreams into possibilities.

Why Join Us?

A career at BD means learning and working alongside inspirational leaders and colleagues who are equally passionate and committed to fostering an inclusive, growth-centered, and rewarding culture. You will have the opportunity to help shape the trajectory of BD while leaving a legacy at the same time.

To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of health. At BD, you'll discover a culture in which you can learn, grow and thrive. And find satisfaction in doing your part to make the world a better place.

Become a maker of possible with us

Responsibilities:

• Collaborate with product development teams (software, hardware, and firmware) to integrate security requirements and best practices into the design, development, and testing phases of pharmacy automation products.
• Conduct security threat modeling, risk assessments, and vulnerability analysis for new and existing products, identifying potential weaknesses and recommending mitigation strategies.
• Perform security code reviews, penetration testing, and fuzzing to identify and address security vulnerabilities in software and firmware.
• Develop and implement secure coding guidelines, security testing methodologies, and security-related documentation for product development teams.
• Stay up-to-date with the latest security trends, threats, and technologies, particularly those relevant to medical devices, industrial control systems, and healthcare IT.
• Execute product security risk assessments, hazard analysis, and provide vulnerability remediation guidance to product development software engineers
• Assist product development teams in complying with product security framework activities and creating security documentation, including Incident and Vulnerability Management Plans and Product Security White Papers
• Work closely with regulatory affairs and quality assurance teams to ensure product security compliance with industry standards (e.g., IEC 62443, HIPAA, GDPR, FDA guidance).
• Participate in incident response activities related to product security, including investigation, analysis, and remediation of security incidents.
• Educate and mentor development teams on secure design principles and coding practices.
• Evaluate third-party components and libraries for security vulnerabilities and recommend appropriate usage or alternatives.
• Contribute to the continuous improvement of the product security program and processes.

Preferred Requirements:

• Bachelor's degree in Computer Science, Electrical Engineering, Cybersecurity, or a related technical field.
• Proven experience (3+ years) in product security engineering, with a strong focus on embedded systems, IoT, or industrial control systems.
• Solid understanding of common security vulnerabilities (e.g., OWASP Top 10) and their mitigation techniques.
• Experience with security testing tools and methodologies (e.g., static application security testing (SAST), dynamic application security testing (DAST), penetration testing).
• Proficiency in at least one programming language (e.g., C++, C#, Python, Java).
• Familiarity with secure development lifecycle (SDL) processes and frameworks.
• Knowledge of cryptography principles and secure communication protocols.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work effectively in a cross-functional team environment.

Our modern office is located in Vienna's Millennium Tower with excellent traffic connections. BD offers flexible working hours, (some) home office flexibility, a stock ownership program and numerous social benefits (e.g. free drinks, massages and Childcare support).

The minimum annual gross salary for this position is € 60.000,- (full-time basis). Based on individual skills and experience, we offer appropriate additional payment.

Click on apply if this sounds like you

At BD, we prioritize on-site collaboration because we believe it fosters creativity, innovation, and effective problem-solving, which are essential in the fast-paced healthcare industry. For most roles, we require a minimum of 4 days of in-office presence per week to maintain our culture of excellence and ensure smooth operations, while also recognizing the importance of flexibility and work-life balance. Remote or field-based positions will have different workplace arrangements which will be indicated in the job posting.

Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.

To learn more about BD visit:

Required Skills

Optional Skills

.

AUT Vienna - Handelskai