Cyber Risk Manager Jobs in Provo, UT (NOW HIRING)

Innovation starts from the heart. Our Advanced Innovation & Technology (AI&T) teams harness the imagination, courage, and resourcefulness to think beyond what's currently possible, and create solutions for patients many years into the future. If you're an early-stage innovator, then Edwards AI&T team is the place for you to take the next steps in your career. We'll give you the tools and resources you need to create groundbreaking innovations that shape the future of structural heart technology.

In this role, you will be leading offensive cyber operations at Edwards Lifesciences. This role serves a critical function in delivering unique threat insights and services that help protect Edwards' mission of delivering innovative medical solutions that improve patient lives around the globe.

How You'll Make an Impact

• Plan, lead, and execute high-impact offensive cyber operations, including penetration tests, red team operations, and purple team exercises, aligned with Edwards' mission and risk priorities

• Continuously evolve offensive security capabilities and operations, informed by relevant shifts and trends in the threat and broader landscape, to assess and test the effectiveness of Edwards controls and services against real-world adversary TTPs

• Partner closely with cybersecurity, IT, and business teams to maximize defensive outcomes

• Clearly communicate complex technical findings, impact, and recommendations to technical and non-technical audiences at all levels of the organization

• Define and implement goals, operating models, and ethical guardrails for consistent, high-quality service delivery

• Provide technical leadership, mentoring, and quality oversight for assigned team members

What you'll need (Required):

• Bachelor's degree in Computer Science, Information Security, Engineering, or IT required while leveraging sound technical security skills to solve key business challenges or equivalent work experience based on Edwards criteria

• Deep hands-on experience leading and executing offensive cyber operations, including penetration tests, red team, and purple team engagements, across multiple domains (e.g. enterprise infrastructure and services, cloud, identity, applications, mobile)

• Ability to evolve and mature an offensive security program, services, and capabilities

• Strong ability to translate findings into risks and recommendations and communicate to a variety of audiences

What else we look for (Preferred):

• 8+ years of progressive experience in offensive cyber operations

• Demonstrated ability to lead offensive security engagements end-to-end, from scoping and risk discussions through execution and executive readouts

• Proven experience conducting full-scope adversary emulation aligned to real-world threats, including pre-engagement planning, infrastructure preparation, execution, and post-engagement analysis and reporting

• Working knowledge of MITRE ATT&CK with the ability to map activities to the framework

• Advanced proficiency assessing and testing of identity-based infrastructure and services

• Deep, hands-on experience assessing and testing cloud environments and native services

• Hands-on testing of Kubernetes, containers, serverless platforms, and CI/CD pipelines

• Strong background in web, API, and mobile application security testing

• Experience building and operating secure, adversary infrastructure (C2 frameworks, redirectors, staging, OPSEC-aware)

• Ability to customize and develop offensive tools and experience evading modern endpoint, network, identity, and cloud controls

• Expertise building and executing attack path analysis capabilities and activities

• Experience mentoring junior offensive security practitioners

• Offensive security certifications

• Experience with assessing/testing of AI-based solutions and components

• Experience with AI-assisted offensive operations, continuous testing models

• Familiarity with OT/manufacturing cybersecurity

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.
For California, the base pay range for this position is $145,000 - $205,000 (highly experienced).
The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience). Applications will be accepted while this position is posted on our Careers website.

Edwards is an Equal Opportunity/Affirmative Action employer including protected Veterans and individuals with disabilities.

COVID Vaccination Requirement

Edwards is committed to protecting our vulnerable patients and the healthcare providers who are treating them. As such, all patient-facing and in-hospital positions require COVID-19 vaccination. If hired into a covered role, as a condition of employment, you will be required to submit proof that you have been vaccinated for COVID-19, unless you request and are granted a medical or religious accommodation for exemption from the vaccination requirement. This vaccination requirement does not apply in locations where it is prohibited by law to impose vaccination.