Apply Now

Medical Device Cybersecurity Risk Specialist

Irvine, CA, US • Posted 1 day ago • Updated 1 day ago

Full Time

No Travel Required

On-site

$110,000 - $120,000/yr

Fitment

Dice Job Match Score™

⏳ Almost there, hang tight...

Job Details

Skills

ISO/IEC 27001:2005
Cyber Security
Biomedicine
Penetration Testing
Software Development Methodology
Vulnerability Assessment
Health Care
Cloud Security
Medical Devices

Summary

Job Description

Must Have Technical/Functional Skills

• Strong understanding of information security risk management frameworks such as NIST CSF, ISO 27001 / 27005, FAIR, and COSO.

• Hands-on experience in conducting cybersecurity risk assessments, threat modeling, and evaluating risks across systems, vendors, projects, and business processes.

• Solid knowledge of medical device cybersecurity, including vulnerability analysis, security risk mitigation, and patient safety considerations.

• Familiarity with medical device integration, healthcare application ecosystems, and interactions with EHR systems and third-party healthcare vendor applications.

• Understanding of common cybersecurity controls including network security, endpoint protection, identity and access management, encryption, logging/monitoring, and secure system configuration.

• Experience reviewing penetration testing findings, identifying practical mitigation options, and validating remediation approaches in partnership with vendors or technical teams.

• Ability to maintain and manage risk registers, risk treatment plans, dashboards, and remediation tracking mechanisms using GRC platforms or structured spreadsheet-based tools.

• Working knowledge of cloud security, security operations, and cybersecurity input into SDLC, infrastructure changes, and new service introductions.

• Familiarity with regulatory and compliance expectations relevant to healthcare and medical devices, including cybersecurity documentation and risk-based decision-making.

• Exposure to Agile / Scrum methodologies and cross-functional project execution is highly desirable.

• Ability to research emerging threats, assess business relevance, and proactively recommend risk reduction actions.

Roles & Responsibilities

• Develop, maintain, and continuously improve the organization’s cybersecurity risk management program, with emphasis on practical and sustainable risk reduction.

• Perform qualitative and quantitative risk assessments for systems, projects, vendors, healthcare technologies, and business processes.

• Analyze medical device cybersecurity vulnerabilities, penetration testing findings, and technical risks to determine impact, likelihood, and patient/business impact.

• Partner with internal teams, vendors, and business owners to identify, validate, and track approved mitigation strategies and alternative risk treatment options where needed.

• Maintain accurate and up-to-date risk registers, risk treatment plans, issue logs, and risk dashboards.

• Support the selection, implementation, and validation of technical, administrative, and procedural security controls.

• Provide cybersecurity and risk management input into projects, cloud initiatives, system integrations, device onboarding, and service changes.

• Coordinate and support t hird-party/vendor risk assessments, follow-up actions, and remediation closure tracking.

• Translate technical cybersecurity issues into clear business impact statements and communicate them effectively to leadership and non-technical stakeholders.

• Produce recurring risk posture reports, trends, metrics, and remediation summaries for management and governance forums.

• Support incident response activities and perform post-incident risk analysis to identify lessons learned and strengthen controls.

• Promote a strong security and risk-aware culture by engaging with stakeholders, educating teams, and encouraging proactive risk identification.

• Collaborate effectively across cybersecurity, engineering, quality, clinical/biomedical, IT, and vendor teams to ensure balanced decision-making that protects both operations and patient safety.

• Stay current on evolving cybersecurity threats, healthcare technology risks, and relevant compliance expectations.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 91172467
Position Id: 9006412
Posted 1 day ago

Contact the job poster

Dinesh Kumar

Recruiter @ TATA Consultancy Services Limited

View Profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Cybersecurity Quality Engineer

Irvine, California

•

Today

Job Description Job Summary: The Cybersecurity Quality Engineer supports the integration of cybersecurity requirements into the product development lifecycle and quality management system for Masimo medical device products. Working under the guidance of senior quality, software, and cybersecurity team members, this role assists in ensuring cybersecurity-related activities are documented, traceable, and executed in accordance with applicable regulatory requirements, quality system procedures, a

Full-time

USD 85,000.00 - 105,000.00 per year

BMET Cybersecurity Specialist

Los Angeles, California

•

Today

Role Overview Precise. Reliable. Powerful. Join a team as innovative as the technology we manage. Full Relocation Package is Included!! Sodexo's growing Healthcare Technology Management (HTM) Division is seeking solution-oriented candidates who excel at cybersecurity to take on the role of BMET Cybersecurity Specialist to support services for MLK Community Healthcare located in Los Angeles, CA. A Sodexo BMET Cybersecurity Specialist is a healthcare technology professional who combines biomedi

Full-time

USD 81,685.00 - 105,710.00 per year

Director of Cybersecurity Governance, Risk & Compliance

Remote

•

Today

Superlanet is spearheading an executive search for a Director of Cybersecurity Governance, Risk & Compliance (GRC) for our healthcare client in Texas. This strategic leadership position reports directly to the Deputy Chief Information Security Officer and is responsible for building, maturing, and leading the organization''s cybersecurity governance, risk management, compliance, third-party risk, incident response, and business continuity programs. This position requires candidates to reside in

Easy Apply

Full-time

185000 - 205000

Cyber Security Engineer

No location provided

•

Today

Our Mission To improve the health of the communities we serve through contemporary, innovative, quality healthcare solutions. About Us - Information Technology (IT) Flexible scheduling.On the job training.Gain exposure to new and advanced technology in the healthcare setting. Schedule: Full time What You'll Do Job Profile Summary The Cyber Security Engineer at Freeman Health System is responsible for safeguarding all enterprise data, including HIPAA-regulated and other sensitive information

Full-time

Search all similar jobs

More jobs at TATA Consultancy Services Limited in Irvine, CA