Description
Job Summary:
Supports the technical and inventory activities associated with the delivery of cybersecurity controls for medical, non-medical, and other IoT end point devices as a part of Kaiser Permanente's comprehensive cybersecurity program.
Essential Responsibilities:
- Utilize hardening guides to coordinate and execute controls to reduce the potential attack surface in the medical and non-medical device environment.
- Work with other Healthcare Technology Management (HTM) professionals in delivering a robust cybersecurity program.
- Work with clinical operations to coordinate access to the medical device through a combination of virtual and onsite support to address high/critical vulnerabilities.
- Collect and validate device and network attributes to ensure a complete and compliant device inventory records.
- Partner with application owners to ensure the medical device IT controls are compliant and functioning by tracking and reporting of vulnerability remediation activities.
- Build stakeholder relationships with key vendors, KP cybersecurity consultants and program leads, system administrators, application owners and network strategy consultants.
- Travel within the local market, as well as other markets, to deploy device cyber controls, perform device inventory management, and support cyber threat responses.
- Flex to support and work on non-medical end point devices in Facilities, Security, Pharmacy, Research, Lab, and Optical.
- Stay current with the latest cybersecurity related trends and best practices.
- May perform other relevant duties and responsibilities as required.
Basic Qualifications:
Experience
- Minimum five (5) years' experience in IT, biomedical engineering, and/or cybersecurity within a healthcare environment. To include the following:
- Minimum three (3) years working in IT or operations: 1) Experience with information technology related to workstations, networking, integration, and interoperability of clinical technologies; 2) Experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access; and 3) Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.
- Minimum 3 years in Biomedical experience with HTM or clinical technology (i.e., devices and systems) used in at least two of the following clinical specialties and related clinical practices: 1) Performing corrective and planned maintenance activities on medical devices; Analyzing and correcting equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue; OR 2) Working with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, and Regulatory standards governing all aspects of imaging equipment.
Education
- Associate degree or vocational certificate in biomedical instrumentation maintenance and repair, engineering, engineering technology, health care information systems or related field, OR Equivalent DOD Biomedical military training.
- High school diploma or General Educational Development (GED).
License, Certification, Registration
- Driver's License (in location where applicable)
Additional Requirements:
- In-depth technical knowledge of HTM or clinical technology (i.e., devices and systems) used in at least two clinical specialties along with an understanding of the related clinical practices.
- In-depth knowledge of information technologies as they relate to workstations, networking, integration, and interoperability of clinical technologies.
- Knowledge and experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access.
- Experience in routinely performed corrective and planned maintenance activities on medical devices.
- Analyzes and corrects equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue.
- Ability to restores equipment to manufacturers specifications in collaboration with clinical personnel to correct operator-based problems.
- Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.
- Ability to follow the manufacturers operational and maintenance instruction manuals.
- Familiar with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, Regulatory standards governing all aspects of imaging equipment.
- Ability to work effectively in a Labor/Management Partnership environment.
Preferred Qualifications:
- Clinical engineering experience within a healthcare technology management department.
- Bachelor degree in computer science, Biomedical/Clinical engineering, engineering, engineering technology, health care information systems or related field.
- BMET Certification in one or more of the following in medical instrumentation by military, RSTI, ACI, HIMSS, ACCE, ISC2, SANS (GIAC), or similar organization.
- Cyber related certifications in one or more of the following: in Comp TIA, Comp TIA Security+, GIAC Information Security Fundamentals (GISF), and/or Comp TIA PenTest.
#LI-DB1
Apply on company website