As the Medical Device Security Engineer, you will play a key role in the success of securing medical devices across the Baylor Scott & White Health organization. This role will develop a medical device security program including standards, governance, support, and metrics to manage risk associated with those devices. This position will collaborate with teams across IT and Biomed along with a managed services organization that performs some of the day-to-day functions of the program.
SALARY:
The pay range for this position is $48.72/hr ($101,337/year) for those with entry-level qualifications up to $84.42/hr ($175,593/year) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience.
RESPONSIBILITIES
Develop security control requirements for securing medical devices across the organization to an acceptable risk level.
Partner with other teams to ensure the implementation of security controls on medical devices.
Establish governance processes and metrics to measure security control compliance of medical devices.
Create and update policies and standards for securing medical devices.
Manage loT/medical loT security solution used to detect and monitor vulnerabilities on medical devices.
Work with medical device manufacturers to ensure appropriate controls can be implemented on medical devices.
Partner with information risk management on assessing medical device vendor solutions including the review of MDS2 forms.
BENEFITS
Our competitive benefits package includes the following
Immediate eligibility for health and welfare benefits
401(k) savings plan with dollar-for-dollar match up to 5%
Tuition Reimbursement
PTO accrual beginning Day 1
Note: Benefits may vary based upon position type and/or level
BASIC QUALIFICATIONS
BS Degree in computer science, computer engineering, software engineering, cybersecurity, or related technical degree; or 5 years equivalent technology experience.
5+ years experience in IS in an enterprise environment.
3+ years experience leading medical device security in a mid-to-large healthcare organization.
Experience managing IoT/mIoT solutions such as Palo Alto IoT, Medigate, Armis in large corporate environment.
Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk.
Knowledge of common software, operating systems vulnerabilities, and Unix/Linux.
Strong experience with Vulnerability Management Platforms such as Tenable, Qualys, Rapid7, in a large corporate environment.
Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK.
Strong experience in reading and understanding vulnerability scans.
Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization.
PREFERRED QUALIFICATIONS
Vulnerability management experience in a healthcare environment
Experience using ServiceNow for CMDB and ITSM functions
Certified Information Systems Security Professional (CISSP) certification
Certified Information Security Manager (CISM) certification
CompTIA Advanced Security Practitioners (CASP+)
Familiarity and understanding of HIPAA Security Rule
MINIMUM QUALIFICATIONS
EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification
Baylor Scott & White Health (BSWH) is the largest not-for-profit health care system in Texas and one of the largest in the United States. With a commitment to and a track record of innovation, collaboration, integrity and compassion for the patient, BSWH stands to be one of the nation’s exemplary health care organizations. Our mission is to serve all people by providing personalized health and wellness through exemplary care, education and research as a Christian ministry of healing. Joining our team is not just accepting a job, it’s accepting a calling!