Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: Kaiser Permanente
Location: San Francisco, CA
Career Level: Associate
Industries: Recruitment Agency, Staffing, Job Board

Description

Job Summary:
Supports the technical and inventory activities associated with the delivery of cybersecurity controls for medical, non-medical, and other IoT end point devices as a part of Kaiser Permanente's comprehensive cybersecurity program.

Essential Responsibilities:


  • Utilize hardening guides to coordinate and execute controls to reduce the potential attack surface in the medical and non-medical device environment.

  • Work with other Healthcare Technology Management (HTM) professionals in delivering a robust cybersecurity program.

  • Work with clinical operations to coordinate access to the medical device through a combination of virtual and onsite support to address high/critical vulnerabilities.

  • Collect and validate device and network attributes to ensure a complete and compliant device inventory records.

  • Partner with application owners to ensure the medical device IT controls are compliant and functioning by tracking and reporting of vulnerability remediation activities.

  • Build stakeholder relationships with key vendors, KP cybersecurity consultants and program leads, system administrators, application owners and network strategy consultants.

  • Travel within the local market, as well as other markets, to deploy device cyber controls, perform device inventory management, and support cyber threat responses.

  • Flex to support and work on non-medical end point devices in Facilities, Security, Pharmacy, Research, Lab, and Optical.

  • Stay current with the latest cybersecurity related trends and best practices.

  • May perform other relevant duties and responsibilities as required.


Basic Qualifications:
Experience

  • Minimum five (5) years' experience in IT, biomedical engineering, and/or cybersecurity within a healthcare environment. To include the following:

  • Minimum three (3) years working in IT or operations: 1) Experience with information technology related to workstations, networking, integration, and interoperability of clinical technologies; 2) Experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access; and 3) Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.

  • Minimum 3 years in Biomedical experience with HTM or clinical technology (i.e., devices and systems) used in at least two of the following clinical specialties and related clinical practices: 1) Performing corrective and planned maintenance activities on medical devices; Analyzing and correcting equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue; OR 2) Working with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, and Regulatory standards governing all aspects of imaging equipment.


Education

  • Associate degree or vocational certificate in biomedical instrumentation maintenance and repair, engineering, engineering technology, health care information systems or related field, OR Equivalent DOD Biomedical military training.

  • High school diploma or General Educational Development (GED).


License, Certification, Registration

  • Driver's License (in location where applicable)



Additional Requirements:

  • In-depth technical knowledge of HTM or clinical technology (i.e., devices and systems) used in at least two clinical specialties along with an understanding of the related clinical practices.

  • In-depth knowledge of information technologies as they relate to workstations, networking, integration, and interoperability of clinical technologies.

  • Knowledge and experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access.

  • Experience in routinely performed corrective and planned maintenance activities on medical devices.

  • Analyzes and corrects equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue.

  • Ability to restores equipment to manufacturers specifications in collaboration with clinical personnel to correct operator-based problems.

  • Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.

  • Ability to follow the manufacturers operational and maintenance instruction manuals.

  • Familiar with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, Regulatory standards governing all aspects of imaging equipment.

  • Ability to work effectively in a Labor/Management Partnership environment.



Preferred Qualifications:

  • Clinical engineering experience within a healthcare technology management department.

  • Bachelor degree in computer science, Biomedical/Clinical engineering, engineering, engineering technology, health care information systems or related field.

  • BMET Certification in one or more of the following in medical instrumentation by military, RSTI, ACI, HIMSS, ACCE, ISC2, SANS (GIAC), or similar organization.

  • Cyber related certifications in one or more of the following: in Comp TIA, Comp TIA Security+, GIAC Information Security Fundamentals (GISF), and/or Comp TIA PenTest.


#LI-DB1



 Apply on company website