Manager, IT - Product & Operational Technology Security

Bausch + Lomb (NYSE/TSX: BLCO) is a leading global eye health company dedicated to protecting and enhancing the gift of sight for millions of people around the world—from the moment of birth through every phase of life. Our mission is simple, yet powerful: helping you see better, to live better.

Our comprehensive portfolio of over 400 products is fully integrated and built to serve our customers across the full spectrum of their eye health needs throughout their lives. Our iconic brand is built on the deep trust and loyalty of our customers established over our 170-year history. We have a significant global research, development, manufacturing and commercial footprint of approximately 13,000 employees and a presence in approximately 100 countries, extending our reach to billions of potential customers across the globe. We have long been associated with many of the most significant advances in eye health, and we believe we are well positioned to continue leading the advancement of eye health in the future.

The Manager, Product & Operational Technology (OT) Security supports the execution and day-to-day management of Product and OT Security activities across the organization, implementing established security programs, standards, and controls to protect medical products and manufacturing environments in support of patient safety, regulatory compliance, and operational continuity. Working closely with senior security leadership and cross-functional partners across R&D, Quality, Regulatory Affairs, Manufacturing IT, and Engineering, this role helps operationalize cybersecurity requirements, coordinate risk assessments, and enable secure product development and manufacturing practices. This position is well suited for a hands-on security leader who can translate strategy into execution while continuing to expand their scope and impact.

Key Responsibilities:

Product Security Execution and Support

• Support product security activities across the product lifecycle by executing established security processes for design reviews, development, release, and post market support.
• Coordinate and participate in threat modeling, secure architecture reviews, and product security risk assessments in partnership with R&D and Product teams.
• Manage day to day product vulnerability intake, tracking, remediation coordination, and disclosure activities, escalating risks and decisions as needed.
• Support alignment of product cybersecurity documentation and controls with applicable standards and guidance, including IEC 81001-5-1 and FDA cybersecurity expectations.
• Partner with Quality and Regulatory Affairs teams to support cybersecurity inputs for product submissions, audits, and inspections.

Operational Technology (OT) Security

• Support OT security activities across manufacturing and R&D environments by implementing and maintaining approved security standards and controls.
• Coordinate OT security assessments and architecture reviews, working with Manufacturing IT and Engineering teams to identify and mitigate risks.
• Assist in implementing OT security controls related to network segmentation, remote access, vendor connectivity, asset visibility, and monitoring.
• Support integration of OT security considerations into plant change management and capital project planning, escalating constraints or risk tradeoffs as needed.

Cross Functional Collaboration

• Act as a primary security point of contact for Product and OT related initiatives, ensuring consistent communication and coordination across stakeholders.
• Translate cybersecurity requirements into practical, implementable guidance for engineering and operations teams.
• Support continuous improvement of security processes, templates, and documentation.

People & Vendor Management

• Directly manage Product Security Engineers or analysts, providing task direction, coaching, and performance feedback.
• Support onboarding, training, and development of team members to promote consistent and repeatable security practices.
• Coordinate vendor and service provider activities related to Product and OT Security under the direction of senior leadership.

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field preferred, or equivalent relevant experience in lieu of formal education.
• 6+ years of cybersecurity experience, including experience supporting security activities in regulated or operational environments.
• Working knowledge of product security practices such as threat modeling, secure design reviews, vulnerability management, and remediation tracking.
• Experience operating within regulated environments with strong quality, safety, or compliance requirements.
• Ability to clearly communicate technical risks and recommendations to both technical and non technical stakeholders.
• Prior experience providing task leadership or managing a small technical team.

Preferred Qualifications

• Exposure to OT or industrial environments, including manufacturing, laboratory, or R&D systems
• Familiarity with cybersecurity considerations in medical device or regulated product environments
• Experience supporting programs aligned to IEC 81001-5-1 or FDA Cybersecurity in Medical Devices guidance
• Familiarity with Dragos software
• Relevant security certifications (e.g., CISSP, CISM, CSSLP) 

This position may be available in the following location(s): Bridgewater, NJ or Rochester, NY

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

For U.S. locations that require disclosure of compensation, the starting pay for this role is between $130,000.00 and  $160,000.00.  The estimated salary range reflects an anticipated range for this position. The actual base salary offered may depend on a variety of factors.

U.S. based employees may be eligible for short-term and/or long-term incentives. They may also be eligible to participate in medical, dental, vision insurance, disability and life insurance,  a 401(k) plan and company match, a tuition reimbursement program (select degrees), company holidays, and well-being benefits, among others. U.S. based employees are also eligible to receive sick time, floating holidays and paid vacation.

Job Applicants should be aware of job offer scams perpetrated through the use of the Internet and social media platforms.

To learn more please read Bausch + Lomb's Job Offer Fraud Statement.

Our Benefit Programs: Employee Benefits: Bausch + Lomb

Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

#LI-KF