Cybersecurity Regulatory Specialist

About Medcrypt

We"re obsessed with medical device cybersecurity. MedCrypt was started in 2016 to ensure that the medical devices we and our loved ones rely on were as safe and secure as technologically possible. We're not another cybersecurity company looking to capitalize on the healthcare industry. We are a team of medical device experts who are laser focused on bringing modern cybersecurity features to the next generation of healthcare technology.

Role Information

About the role

What you"ll do

• Identify and troubleshoot design gaps in cybersecurity architecture for medical devices when evaluated against regulatory requirements, standards, and best practices (/FDA, AAMI TIR, JSP, etc.).

• Support and collaborate with clients during Medcrypt led workshops to resolve documentation and/or medical device design gaps., working collaboratively with the client.

• Earn trust with clients, get to the true objectives, and deliver creative or innovative solutions to achieve the clients' objectives

• Review FDA submission documents related to device indications for use (IFU), device architecture, and cybersecurity

• Engage in tabletop exercises and workshops to resolve documentation and/or design gaps, working collaboratively with the client

• Identify and troubleshoot design gaps in cybersecurity architecture for medical devices when evaluated against best practices/FDA guidance/FDA requirements (per Appropriations Bill)/international standards.

• Participate in tabletop exercise planning and execution.

• Create and update training material documentation.

Qualifications

• Strong experience working in regulatory affairs, product security, cybersecurity at an MDM, or similar regulated industry.

• Experience with writing, updating and reviewing quality management system documentation (Policies, Procedures, Work Instructions, etc.) in a heavily regulated environment (ISO 13485, 9001).

• Excellent written communication skills, critical thinking, and ability to craft documents that clearly communicate to regulatory authorities

• Familiarity with FDA guidance documents and/or international cybersecurity standards

• Ability to learn/use a wide variety of tools for project management, data capture and analysis

• Strong bias for action and ownership

• Previous exposure to FDA (either at FDA, or engaging with FDA through pre-submissions or premarket filings)

• Certifications in cybersecurity domains Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Security Manager (CISM)

PI236116088