Medical Device Cybersecurity Analyst || York PA

Position Title: Medical Device Cybersecurity Analyst (On Site)

Location: York, Pennsylvania

Client: Healthcare domain

Note: Need someone with a strong healthcare background who can work onsite 3days a week.

Job Summary

Looking for someone who watches client's cybersecurity platform for alerts on connected medical devices across hospital clients, triages those findings, and coordinates patches, firmware updates, and mitigations through their work-order system. It's less "penetration tester" and more "asset and risk analyst sitting at the intersection of biomed engineering and infosec.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Monitors and responds to Intelas's comprehensive medical device asset and cybersecurity management platform findings and mitigating steps.
• Strong knowledge of computers, operating systems, security, and networking
• Ability to interpret technical documentation and manuals
• Generate and build bi-weekly, monthly, and quarterly client reports
• Correlate and perform GAP analysis on discovered medical devices with Intelas's CMMS
• Create security work orders in Intelas's CMMS and assign to the field as applicable
• Triage, respond and assign work orders generated from Intelas's CMMS cybersecurity module as appropriate
• Ensure work orders are completed within defined KPI's and assist on site Intelas resources if needed for successful completion
• Research and engage OEM's for available approved patches and firmware upgrades
• Proactively collect most current MDS2 forms
• Maintain database of approved patches, firmware upgrades and MDS2 forms
• Collaborate and work with Clients to respond and coordinate mitigating steps and compensating controls on contracted medical devices that may arise from Clients passive asset discovery and risk assessment technology
• Participate and contribute to Intelas's CEIT Council
• Maintains operational security metrics to measure the effectiveness of security controls and identify opportunities for improvement
• Assist in threat intelligence gathering, monitoring of zero-day and correlate to clients CMMS inventory
• Assist in development and implementation of continued best practices and risk management of inventoried connected medical devices
• Assures compliance with all regulatory standards including patient safety and all relative criteria governing the safe and appropriate use, testing and management of medical devices.

MINIMUM QUALIFICATIONS:

• To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
• Knowledge of the operation and prior hands-on experience in the maintenance and repair of wide variety of medical equipment and systems
• High attention to detail and exceptional work quality
• Experience with process improvement
• Proven ability to work effectively in an unstructured, fast-paced environment
• Excellent written and verbal communication skills
• Overnight travel may be required for Client visits or industry conferences or workshop.

PREFERRED QUALIFICATIONS:

• Healthcare experience; General knowledge of Biomedical and Diagnostic Imaging
• Knowledge of healthcare cybersecurity is considered a plus
• Experience with Computerized Maintenance Management Systems (CMMS)
• Knowledge of connected medical device asset discovery and risk analysist platforms

EDUCATION:

• Associates degree in Information Technology or Biomedical Engineering required
• Security+ within 3 years to 5 years employment (Medical Device)
• BMET preferred