Address
Form of workJOB PURPOSE:
This position will be responsible for supporting Piedmont's overall cybersecurity initiatives including defined day-to-day managed services activities. Utilizing Piedmont's cybersecurity framework, technologies and policies and procedures, the Medical Device Cybersecurity Analyst will be involved in response to cybersecurity alerts, ensuring KPI's are met, perform audits and risk assessments of medical devices, and provide subject matter expertise with Piedmont resources for medical device cybersecurity.
KEY RESPONSIBILITIES: 1. Monitors and responds to Piedmont's comprehensive medical device asset and cybersecurity management platform findings and mitigating steps. 2. Strong knowledge of computers, operating systems, security, and networking 3. Ability to interpret technical documentation and manuals 4. Generate and build bi-weekly, monthly, and quarterly customer reports 5. Correlate and perform GAP analysis on discovered medical devices with Piedmont's CMMS 6. Create security work orders in Piedmont's CMMS and assign to the field as applicable 7. Triage, respond and assign work orders generated from Piedmont's CMMS cybersecurity module as appropriate 8. Ensure work orders are completed within defined KPI's and assist on site Piedmont resources if needed for successful completion 9. Research and engage OEM's for available approved patches and firmware upgrades 10. Proactively collect most current MDS2 forms 11. Maintain database of approved patches, firmware upgrades and MDS2 forms
12. Collaborate and work with Clients to respond and coordinate mitigating steps and compensating controls on contracted medical devices that may arise from Clients passive asset discovery and risk assessment technology 13. Maintains operational security metrics to measure the effectiveness of security controls and identify opportunities for improvement 14. Assist in threat intelligence gathering, monitoring of zero-day and correlate to clients CMMS inventory 15. Assist in development and implementation of continued best practices and risk management of inventoried connected medical devices 16. Assures compliance with all regulatory standards including patient safety and all relative criteria governing the safe and appropriate use, testing and management of medical devices. 17. Travels to remote sites for testing, troubleshooting, installing and maintaining equipment. 18. Overnight travel may be required for site visits or industry conferences or workshops
KNOWLEDGE, SKILLS, ABILITIES
Must possess strong multi-tasking and analytical/troubleshooting skills.
Excellent written and oral communication skills.
Excellent collaboration and partnering skills
Strong logic and problem-solving skills
Understanding of network protocols from data link through application layer.
Knowledge of the following suite of security solutions - (for example: Cisco, Checkpoint, Rapid7). Understand basic security concepts such as, access control, application security, device hardening, onboarding and installation, configuration of anti-virus/antimalware. Solid understanding of the TCP/IP protocols and network technologies. Ability to troubleshoot and investigate security related issues and having experience with vulnerability and patch management, including Windows and Linux patching. is desired. Knowledge of the operation and prior hands-on experience in the maintenance and repair of wide variety of medical equipment and systems High attention to detail and exceptional work quality
#LI-POST #GD
MINIMUM EDUCATION REQUIRED: Associate's degree in Biomedical Engineering/Equipment Technology or equivalent.
MINIMUM EXPERIENCE REQUIRED: One (1) year of hands-on experience in network onboarding, preferably with endpoint computer equipment.
MINIMUM LICENSURE/CERTIFICATION REQUIRED:
Certified as CISSP, GIAC, Security , Network , or security equivalent; or will obtain certification within two (2) years of hire.
ADDITIONAL QUALIFICATIONS: Experience with process improvement Experience in working effectively in an unstructured, fast-paced environment. Experience with Microsoft Office products (Word, Excel, Visio, PowerPoint).
Strong knowledge of HIPAA, HITECH, HITRUST, NIST, and ISO.
Solid knowledge of HIPAA, Joint Commission, and other IT security governing bodies.
1 years of experience in system administration role or IOT security role is desired.
Project Management experience is preferred.
