Job Openings Clinical Engineering Cyber Specialist

About the job Clinical Engineering Cyber Specialist

Role Overview:

  • Leading and supporting the implementation of medical device cybersecurity strategies!
  • Client is seeking a Clinical Engineering Cyber Specialist to oversee and execute critical technical components of our healthcare cybersecurity program in Far Rockaway, NY.
  • This role leads the implementation of cybersecurity controls, performs risk assessments, and collaborates closely with hospital IT and InfoSec teams to ensure the security and availability of medical devices.
  • The ideal candidate will bring strong technical leadership, a proactive approach to threat mitigation, and a deep understanding of healthcare regulatory requirements.

What You'll Do:

  • Lead the collection of critical cybersecurity data elements (CDEs) and manufacturer documentation in CMMS and conduct risk assessments based on those findings.
  • Oversee configuration of medical devices to align with cybersecurity standards and manufacturer guidelines.
  • Manage planned and unplanned vulnerability remediation efforts, including response to zero-day threats and coordination with device manufacturers.
  • Investigate cybersecurity alerts on medical devices, analyze high-risk vulnerabilities, and develop response recommendations.
  • Track and report on vulnerability remediation activities while identifying opportunities to improve cybersecurity practices across HTM and IT.
  • Support HTM cybersecurity education, coach BMETs on best practices, and represent client in industry cybersecurity forums.

What You Bring:

  • Experience in medical device cybersecurity or a healthcare technology environment.
  • A valid driver's license and acceptable driving record.
  • Strong knowledge of CMMS platforms, cybersecurity frameworks (e.g., NIST, ISO), and FDA/Joint Commission regulations.
  • Proven ability to lead technical projects and drive cross-functional alignment.
  • Relevant certifications (e.g., CISSP, HCISPP, CEH, or Security+) preferred.

Minimum Qualifications & Requirements:

  • Minimum Education Requirement: Bachelor's degree or equivalent experience
  • Minimum Functional Experience: 3 years

Position Summary:

  • Leads the technical activities associated with the delivery of a medical device cybersecurity program, such as collection of cybersecurity data elements in the asset inventory, implementation of cybersecurity controls, and execution of critical cybersecurity fixes. Leads the technical analysis of emerging cybersecurity threats to determine impact to any devices in the asset inventory. Advises on technical elements of cybersecurity strategy, including recommendations for improvement. Supports the collection of metrics and key performance indicators for leadership review.
  • Technical Support – 80%
    • Leads the collection of Critical Data Elements (CDEs) in CMMS
    • Leads collection of manufacturer documentation and cybersecurity recommendations
    • Leads risk assessment of assets based on collected CDEs and documentation
    • Oversees out of the box configuration of medical devices to expected standards
    • Leads the planned vulnerability remediation, such as planned patching or upgrades
    • Leads the unplanned vulnerability remediation, such as response to zero-day threats
    • Leads the coordination of cybersecurity activities with device manufacturers as needed
    • Leads the testing and validation of network segmentation rules in coordination with hospital IT
    • Supports a range of IT projects that have implications for medical devices on the network
  • Program Support – 10%
    • Leads the investigation of alerts on medical devices in the hospital and clinics
    • Leads analysis and development of recommendations for response to high/critical vulnerabilities
    • Leads the tracking and reporting of vulnerability remediation activities
    • Identifies opportunities for improvement in cybersecurity practices for HTM and IT
    • Oversees quality control for cybersecurity data and documentation in CMMS
  • Training – 5%
    • Support HTM cybersecurity education & awareness for HTM teams
    • Coaches BMETs on basic cybersecurity hygiene and out of the box controls
    • Participates in industry cybersecurity workgroups and forums as representative of Client
    • Completes mandatory technical and non-technical training
  • Regulatory and Compliance – 5%
    • Advises on hospital audits involving cybersecurity, including HIPAA and Joint Commission
    • Advises on enterprise cybersecurity audits in alignment with enterprise leadership

Or refer someone