What are the responsibilities and job description for the Medical Device Security Specialist (flex-hybrid) @ UCLA Health position at Cyber Crime?

Medical Device Security Specialist (flex-hybrid)

UCLA Health

Ranked as one of America's top hospitals, UCLA Health provides the best care at its 4 hospitals and more than 250 locations throughout Southern California.

Work Location : Los Angeles, USA

Onsite or Remote : Flexible Hybrid

Work Schedule : Monday-Friday, 8 : 00 am - 5 : 00 pm PST

Posted Date : 12 / 21 / 2024

Salary Range : $124,600 - 289,400 Annually

Employment Type : 2 - Staff : Career

Duration : Indefinite

Job # : 20710

Primary Duties and Responsibilities

The medical device security specialist will play a crucial role in safeguarding our medical device environment to ensure device integrity and resilience by assessing, monitoring, and responding to threats and vulnerabilities. This position will work closely with cross-functional teams to ensure that our medical devices meet the highest standards of security, compliance, and reliability.

Duties include, but are not limited to :

Conduct comprehensive assessments of medical devices to identify potential security risks and vulnerabilities. Operation and administration of the Medigate medical device security platform.
Ensure Medical Device IT inventory is accurate and up to date. Participate in developing and implementing integrations for clinical device inventory data in ServiceNow (CMDB inventory).
Conduct Pen Testing to assess the resilience of our security controls against simulated cyber-attacks, identifying potential weaknesses and areas for improvement.
Participate in developing and implementing strategies to mitigate cybersecurity risks associated with medical devices, including but not limited to threat modeling, vulnerability management, and penetration testing.
Ensure that medical devices comply with relevant cybersecurity regulations, standards, and guidelines, such as FDA premarket cybersecurity guidance, HIPAA, and GDPR.
Collaborate with cross-functional teams to strengthen technical controls of network connected medical devices. Continuously evaluate the effectiveness of existing security controls deployed to mitigate vulnerabilities in medical devices, recommending adjustments or enhancements as necessary to bolster protection against evolving threats.
Participate in developing and maintaining incident response plans and procedures to effectively respond to cybersecurity incidents involving medical devices.
Perform investigation and analysis of security incidents involving medical devices, conducting digital forensics examinations to uncover the root causes of incidents and support remediation efforts.
Engage in a rotating on-call schedule to promptly respond to cybersecurity threats within a 24 / 7 healthcare environment.
Evaluate the cybersecurity posture of third-party vendors and suppliers providing components or services for medical devices.

This flexible hybrid role allows for a blend of remote and on-site work, requiring presence on-site as needed based on operational requirements. Please note, travel to the 'home office' location is not reimbursed. Each employee will complete a FlexWork Agreement with their manager to outline expectations and ensure mutual understanding. These arrangements are periodically reviewed and may be adjusted or terminated as necessary.

Salary offers are based on a variety of factors including qualifications, experience, and internal equity. The full salary range for this position is $124,600 - $289,400 annually. The University anticipates offering a salary between the minimum and midpoint of this range.

Job Qualifications

Required Experience :

8 years of extensive, hands-on experience in cybersecurity, with significant focus on healthcare IoT / IoMT device security.

5 years of experience leading and managing teams of cybersecurity professionals to implement security programs.

Proven track record leading projects to deploy and operate security solutions across distributed environments.

Experience performing risk assessments, developing security policies / standards, and implementing controls.

Substantial background working with clinical engineers, biomedical teams, and IT teams in healthcare settings.

Deep expertise with security frameworks (NIST CSF, ISO, etc.), regulations (HIPAA, etc.) and cybersecurity best practices.

Required Qualifications :

Bachelor's degree in computer science, cybersecurity, information systems or related technical field is preferred, but not required with sufficient equivalent work experience.

Relevant industry certifications such as CISSP, CISM, CRISC, HCISPP, etc. or equivalent work experience.

Extensive technical skills across security domains including network, endpoint, cloud, application security, etc.

Significant experience with security tools for vulnerability management, SIEM, IDS / IPS, DLP, etc.

Outstanding leadership, communication, and stakeholder management abilities.

Exceptional problem-solving, critical thinking, and decision-making skills.

Ability to roll up sleeves and perform specialized, hands-on cybersecurity work as needed.

J-18808-Ljbffr

Salary : $124,600 - $289,400

Apply for this job

Receive alerts for other Medical Device Security Specialist (flex-hybrid) @ UCLA Health job openings

Medical Device Security Specialist (flex-hybrid) @ UCLA Health

What are the responsibilities and job description for the Medical Device Security Specialist (flex-hybrid) @ UCLA Health position at Cyber Crime?

What is the career path for a Medical Device Security Specialist (flex-hybrid) @ UCLA Health?

Job openings at Cyber Crime

Not the job you're looking for? Here are some other Medical Device Security Specialist (flex-hybrid) @ UCLA Health jobs in the Los Angeles, CA area that may be a better fit.

We don't have any other Medical Device Security Specialist (flex-hybrid) @ UCLA Health jobs in the Los Angeles, CA area right now.

AI Assistant is available now!