Medical Device Security Engineer
Miami, Florida
Employer: Nicklaus Children's Health System
Industry: Information Technology
Salary: Competitive
Job type: Full-Time
Description
Job Summary
Responsible for Clinical Engineering Cybersecurity management plan to ensure safe and secure use of medical device systems aligning with relevant organizational and accrediting best practices, procedures, and policies. This includes responding to cybersecurity threats related to medical equipment operational systems and responding to cybersecurity related incidents.
Job Specific Duties
Qualifications
Minimum Job Requirements
Knowledge, Skills, and Abilities
Job Summary
Responsible for Clinical Engineering Cybersecurity management plan to ensure safe and secure use of medical device systems aligning with relevant organizational and accrediting best practices, procedures, and policies. This includes responding to cybersecurity threats related to medical equipment operational systems and responding to cybersecurity related incidents.
Job Specific Duties
- Creates and oversees a Clinical Engineering management plan ensuring the safe and secure use of medical device and medical systems.
- Develops and leads new procurement and legacy deployment.
- Manages network medical device system inventories, interconnectivities, and diagrams in the Clinical Engineering Computerized Maintenance Management System and passive and active scanning solutions. Completes assessments for medical device systems which entails vulnerability and risk identification, mitigation, hardening, and acceptance.
- Manages network medical device system inventories, interconnectivity, and diagrams in the Clinical Engineering Computerized Maintenance Management System and passive and active cybersecurity scanning solutions.
- Coordinates planning and replacement of medical device systems with end-of-life operating systems.
- Implements antivirus and antimalware solutions with appropriate exceptions on medical device clients and servers.
- Executes monthly patching of medical device system clients and servers, specifically coordinating downtime, potential rollbacks, and applying only vendor approved patches.
- Develops and manages cyber-attack disaster recovery plans, backups, and downtime procedures for medical devices systems.
- Collaborates with Clinical Engineering, Cybersecurity, and Compliance to align with relevant organizational and accrediting best practices, procedures, and policies.
- Responsible for comprehensive medical device asset and cybersecurity management platform findings and mitigating steps.
- Rates cyber-risk using a defined and documented process to ascertain a probability, impact, and combined score for each risk.
- Develops mitigation strategies for each identified risk and ensures strategies are followed. Documents all questions and concerns.
- Creates new policies and ensures appropriate processes are in place, maintained, and adhered to for available approved patches and firmware upgrades.
- Ensure compliance with NCHS regulations.
- Ensures that medical devices cybersecurity risks are mitigated while health system initiatives are being met.
- Manages IOT cyber solutions and maintains operational security metrics to measure the effectiveness of security controls and identify opportunities for improvement. Assists in threat intelligence.
- Prepares reports for review by executive and other leaders to provide status updates and other information related to risk and governance.
- Manages the medical cybersecurity incident response to establish medical cyber security remediation with OEM’s.
Qualifications
Minimum Job Requirements
- Bachelor's Degree in Information Technology, Biomedical Engineering, or related field
- 4 years in medical device management, enterprise IT device management, or related experience
Knowledge, Skills, and Abilities
- Healthcare organization experience preferred.
- Cybersecurity Certification (CISM, CISSP, CISA, etc.) highly preferred.
- Detailed understanding of risk management practices.
- An in-depth understanding of medical device connectivity, healthcare IT security risks, and mitigation strategies.
- Working knowledge of security solutions (for example: Aruba, Cisco, Medigate, Rapid7, etc.).
- Detailed understanding of HIPAA, HITECH, DNV and related regulations.
- Excellent written and verbal communication skills.
- A comprehensive understanding of standard IT infrastructure and administration practices.
- Ability to identify and quantify cybersecurity related risks and common mitigation strategies.
Created: 2024-06-14
Reference: 26825
Country: United States
State: Florida
City: Miami
ZIP: 33129
Similar jobs:
-
ERP Security Engineer
AdventHealth in Altamonte Springs, Florida -
Remote Security Engineering Manager
Insight Global in Miami, Florida💸 $135000 - $185000 per year -
Lead, Info Security Systems Engineer - Palm Bay, FL
L-3 Technologies in Palm Bay, Florida -
Senior Specialist, Info Security Systems Engineer - Melbourne, FL (425644, 425646)
L-3 Technologies in Palm Bay, Florida -
Electronic Warfare, Systems Engineering Specialist (Active Secret Security Clearance)
L-3 Technologies in Palm Bay, Florida -
Senior PKI Infrastructure Security Engineer
Fisher Investments in Tampa, Florida -
Lead, Information Security Systems Engineer (ISSE)
L-3 Technologies in Melbourne, Florida -
CyberArk Security Engineer
Raymond James Financial Incorporated in Saint Petersburg, Florida -
Information Security Engineer
Global Channel Management, Inc. in Jacksonville, Florida -
Senior CyberArk Infrastructure Security Engineer
Apex Systems in Tampa, Florida -
Sr. Application Security Engineer
Carnival Corporation in Miami, Florida💸 $83182 - $135000. per year -
Space Vehicle Electrical Systems Engineer (Active TS/SCI Security Clearance Required)
L-3 Technologies in Palm Bay, Florida -
Sr. Network Security Engineer - Doral, FL
General Dynamics Corporation in Doral, Florida💸 $110500 - $149500. per year -
Senior CyberArk Infrastructure Security Engineer
Fisher Investments in Tampa, Florida -
Lead, Systems Engineer-RF Missions (Active TS/SCI Security Clearance Required)
L-3 Technologies in Palm Bay, Florida -
Specialist, Info Security Systems Engineer - Melbourne, FL (425644, 425646)
L-3 Technologies in Palm Bay, Florida -
Systems Engineer-RF Missions (Active Secret Security Clearance Required)
L-3 Technologies in Palm Bay, Florida -
Cyber Security Engineer
System One Holdings, LLC in Melbourne, Florida -
CyberArk Security Engineer
Raymond James Financial Incorporated in Saint Petersburg, Florida -
ServiceNow Engineer, IT Security
Raymond James Financial Incorporated in Saint Petersburg, Florida