IoMT Specialist--Cybersecurity Field Team Job Listing at Kaiser Permanente in San Francisco, CA (Job ID 5673799-2024-10-14)

Description

Job Summary:
Supports the technical and inventory activities associated with the delivery of cybersecurity controls for medical, non-medical, and other IoT end point devices as a part of Kaiser Permanente's comprehensive cybersecurity program.

Essential Responsibilities:

• Utilize hardening guides to coordinate and execute controls to reduce the potential attack surface in the medical and non-medical device environment.


• Work with other Healthcare Technology Management (HTM) professionals in delivering a robust cybersecurity program.


• Work with clinical operations to coordinate access to the medical device through a combination of virtual and onsite support to address high/critical vulnerabilities.


• Collect and validate device and network attributes to ensure a complete and compliant device inventory records.


• Partner with application owners to ensure the medical device IT controls are compliant and functioning by tracking and reporting of vulnerability remediation activities.


• Build stakeholder relationships with key vendors, KP cybersecurity consultants and program leads, system administrators, application owners and network strategy consultants.


• Travel within the local market, as well as other markets, to deploy device cyber controls, perform device inventory management, and support cyber threat responses.


• Flex to support and work on non-medical end point devices in Facilities, Security, Pharmacy, Research, Lab, and Optical.


• Stay current with the latest cybersecurity related trends and best practices.


• May perform other relevant duties and responsibilities as required.

• Minimum five (5) years' experience in IT, biomedical engineering, and/or cybersecurity within a healthcare environment. To include the following:


• Minimum three (3) years working in IT or operations: 1) Experience with information technology related to workstations, networking, integration, and interoperability of clinical technologies; 2) Experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access; and 3) Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.


• Minimum 3 years in Biomedical experience with HTM or clinical technology (i.e., devices and systems) used in at least two of the following clinical specialties and related clinical practices: 1) Performing corrective and planned maintenance activities on medical devices; Analyzing and correcting equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue; OR 2) Working with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, and Regulatory standards governing all aspects of imaging equipment.

• Associate degree or vocational certificate in biomedical instrumentation maintenance and repair, engineering, engineering technology, health care information systems or related field, OR Equivalent DOD Biomedical military training.


• High school diploma or General Educational Development (GED).

• Driver's License (in location where applicable)

• In-depth technical knowledge of HTM or clinical technology (i.e., devices and systems) used in at least two clinical specialties along with an understanding of the related clinical practices.


• In-depth knowledge of information technologies as they relate to workstations, networking, integration, and interoperability of clinical technologies.


• Knowledge and experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access.


• Experience in routinely performed corrective and planned maintenance activities on medical devices.


• Analyzes and corrects equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue.


• Ability to restores equipment to manufacturers specifications in collaboration with clinical personnel to correct operator-based problems.


• Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.


• Ability to follow the manufacturers operational and maintenance instruction manuals.


• Familiar with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, Regulatory standards governing all aspects of imaging equipment.


• Ability to work effectively in a Labor/Management Partnership environment.

• Clinical engineering experience within a healthcare technology management department.


• Bachelor degree in computer science, Biomedical/Clinical engineering, engineering, engineering technology, health care information systems or related field.


• BMET Certification in one or more of the following in medical instrumentation by military, RSTI, ACI, HIMSS, ACCE, ISC2, SANS (GIAC), or similar organization.


• Cyber related certifications in one or more of the following: in Comp TIA, Comp TIA Security+, GIAC Information Security Fundamentals (GISF), and/or Comp TIA PenTest.

#LI-DB1