Medical Device Cybersecurity

Position Title : Medical Device Cybersecurity Analyst (On Site)Location : York, PANote: Need someone with a strong healthcare background who can work onsite 3days a week.Job SummaryLooking for someone who watches client's cybersecurity platform for alerts on connected medical devices across hospital clients, triages those findings, and coordinates patches, firmware updates, and mitigations through their work-order system. It's less "penetration tester" and more "asset and risk analyst sitting at the intersection of biomed engineering and infosec.ESSENTIAL DUTIES AND RESPONSIBILITIES:Monitors and responds to client’s comprehensive medical device asset and cybersecurity management platform findings and mitigating steps. Strong knowledge of computers, operating systems, security, and networkingAbility to interpret technical documentation and manualsGenerate and build bi-weekly, monthly, and quarterly client reportsCorrelate and perform GAP analysis on discovered medical devices with Client’s CMMSCreate security work orders in Client’s CMMS and assign to the field as applicableTriage, respond and assign work orders generated from Client’s CMMS cybersecurity module as appropriateEnsure work orders are completed within defined KPI’s and assist on site client resources if needed for successful completionResearch and engage OEM’s for available approved patches and firmware upgradesProactively collect most current MDS2 formsMaintain database of approved patches, firmware upgrades and MDS2 formsCollaborate and work with Clients to respond and coordinate mitigating steps and compensating controls on contracted medical devices that may arise from Clients passive asset discovery and risk assessment technologyParticipate and contribute to Client’s CEIT CouncilMaintains operational security metrics to measure the effectiveness of security controls and identify opportunities for improvement Assist in threat intelligence gathering, monitoring of zero-day and correlate to clients CMMS inventoryAssist in development and implementation of continued best practices and risk management of inventoried connected medical devicesAssures compliance with all regulatory standards including patient safety and all relative criteria governing the safe and appropriate use, testing and management of medical devices.MINIMUM QUALIFICATIONS:To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.Knowledge of the operation and prior hands-on experience in the maintenance and repair of wide variety of medical equipment and systemsHigh attention to detail and exceptional work qualityExperience with process improvementProven ability to work effectively in an unstructured, fast-paced environmentExcellent written and verbal communication skillsOvernight travel may be required for Client visits or industry conferences or workshop.PREFERRED QUALIFICATIONS:Healthcare experience; General knowledge of Biomedical and Diagnostic ImagingKnowledge of healthcare cybersecurity is considered a plusExperience with Computerized Maintenance Management Systems (CMMS)Knowledge of connected medical device asset discovery and risk analysist platformsEDUCATION:Associates degree in Information Technology or Biomedical Engineering requiredSecurity+ within 3 years to 5 years employment (Medical Device) BMET preferred