Demo
Salary Resume Critique Job Openings

Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756)

ITmPowered
Boston, MA Full Time
POSTED ON 4/24/2025
AVAILABLE BEFORE 5/23/2025

Sr. IT Auditor Consultant, Hospital Medical Device IT Controls

Read all the information about this opportunity carefully, then use the application button below to send your CV and application.

Be on the frontlines of Technology Risk in the emerging area of Medical Device Cybersecurity! A large national hospital network can have over 350,000 connected medical devices. Many of these interconnected devices (hospital imaging equipment, patient monitoring, IV pumps, blood spinners) and connected hospital facilities devices (elevators, door locks, ID Card readers) are exposed publicly and vulnerable to cyber-attack. To help protect this large IoMT network, our client is implementing a customized set of IT Controls to secure their Medical Devices, Healthcare Technology Management Operations, and Hospital Facilities connect IT devices.

About the Role :

The Sr. IT Auditor Consultant will serve on behalf of the Technology Risk Management organization performing IT Controls Assessments for a set of 20 custom IT controls in this Hospital Medical Device Cybersecurity Program. Plan and perform full lifecycle audits (scope, plan, fieldwork, reporting) assessing Audit IT Controls Design prior to implementation and IT Controls Execution once implemented. Helping the Med Device Cybersecurity team where they have controls gaps and findings and understand how effective IT controls should be implemented.

WHAT YOU’LL ACCOMPLISH

  • As a part of the Technology Risk Office, this role will be conducting IT Controls Assessments (IT Audits) of roughly 20 customized Medical Device cybersecurity IT Controls being implemented enterprise-wide.
  • Conduct full IT Controls Risk Assessments on each of 20 custom Med Device cybersecurity IT Controls twice :
  • First by testing Controls Design (does it make sense) prior to implementation and
  • Second testing Controls Execution (is control actually working) once the controls are implemented.
  • Spearhead IT Controls Assessments end to end (scoping, planning, fieldwork / controls testing, and reporting).
  • Scope and Plan IT Controls Assessment engagements. Lead Kickoff meetings, set expectations and schedule.
  • Clearly document IT Controls processes narratives (step 1, 2, 3…) of planned or current IT Control processes.
  • Fieldwork – Conduct detailed IT Controls Testing, gather, and document detailed IT Controls test results supported by clear evidentiary artifacts.
  • Reporting – Write full IT Controls Assessment (IT Audit) Reports – Assessment Scope, Audit details, controls inspection / testing results, IT Controls Assessment Findings with clearly communicated Risk severity, likelihood, impact, and Controls deficiency Risk Remediation Recommendations and Corrective Action Plans.
  • Plan & conduct complex IT Audit Controls Assessments for Hospital Medical Device cybersecurity through full device lifecycle (device procurement, intake, implementation, operations, maintenance, decommissioning).
  • Assess IT Risk Controls for Hospital Med Device Cybersecurity Controls across IAM, logical access, password vaulting, network security, logging and monitoring, vulnerability management, change management, etc.

WHAT WE’RE LOOKING FOR

  • Bachelor’s degree. BS / BA in IT, CS, MIS or related field preferred or equivalent work experience.
  • 3-5 years leading IT Audits end to end (scoping, planning fieldwork / controls testing, reporting).
  • CISA certification and CISSP, CCSP, CEH, CRISA, Security or similar, related certification.
  • Solid expertise in documenting processes IT Audit narratives (step 1, 2, 3…) of planned or current processes.
  • Solid understanding of IT Controls and controls frameworks, NIST 800-53, RMF, CSF, HITRUST, etc.
  • Understanding of HIPAA and other regulatory frameworks (e.g., HIPAA, PCI, SOX, GDPR, etc.).
  • Experience advising and providing guidance on effective IT Controls Implementation.

    • Preferred Experience :

  • Prior experience in a hospital provider environment managing electronic medical devices equipment.
  • 1-3 years’ experience electronic medical device management, operations, or cybersecurity in a hospital.
  • Med Device Certifications : CHTM, CBET, CABT, CRES, or Med Device cybersecurity certifications.
  • Familiarity in Hospital Medical Device Management CMMS systems – Nuvolo or similar.
  • Ideal : Experience in Hospital Med Device Management then shifted to IT Audit / Technology Risk Mgmt.

    • LOGISTICS :

  • Work remotely anywhere in Domestic US. Preferred locations Colorado or Georgia.
  • COVID-19 Vaccine and Booster Required – OR must provide valid medical exemption from doctor in advance.
  • Must be able to successfully pass a 12-panel drug screen, 10-year background check, employment verification.
  • You will need to be a current US Citizen or valid Green Card holder. No need for visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.
  • W2 only – No sub vendors. Sponsorship NOT available.
  • Must have direct contact information on resume (phone / email) to be considered.

    • J-18808-Ljbffr

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756)?

    Sign up to receive alerts about other jobs on the Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756) career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $65,140 - $82,070
    Income Estimation: 
    $83,010 - $104,507
    Income Estimation: 
    $83,010 - $104,507
    Income Estimation: 
    $105,259 - $133,442
    Income Estimation: 
    $105,259 - $133,442
    Income Estimation: 
    $129,191 - $164,117
    Income Estimation: 
    $129,191 - $164,117
    Income Estimation: 
    $153,718 - $195,211
    Income Estimation: 
    $65,140 - $82,070
    Income Estimation: 
    $83,010 - $104,507
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at ITmPowered

    Sr. Full Stack Java Angular Developer
    ITmPowered
    Hired Organization Address Denver, CO Full Time
    Sr. Full Stack Java Angular Developer - AEM / ECM Digital Marketing platforms (Can work remotely anywhere in the contine...
    Cyber Incident Handler - Principal
    ITmPowered
    Hired Organization Address Seattle, WA Full Time
    Cyber Security Incident Handler (Principal) - Remote - KAISJP00211866 The Incident Handler uses incident response, inves...
    Sr. Web Platform Engineer - F5, NGINX
    ITmPowered
    Hired Organization Address Seattle, WA Full Time
    Sr. Web Platform Engineer - F5, NGINX Sr. Web Platform Engineer will work as a part of the enterprise digital platform d...
    Sr. Splunk Enterprise Security App Dev/Administrator (Remote)
    ITmPowered
    Hired Organization Address Atlanta, GA Full Time
    Sr. Splunk Enterprise Security App Dev / Administrator (Remote) - ITmPowered Sr. Splunk Enterprise Security Developer Ad...
    View More Jobs at ITmPowered

    Not the job you're looking for? Here are some other Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756) jobs in the Boston, MA area that may be a better fit.

    IT Controls Sr Manager (SOX)

    Manpower Group Inc., Cambridge, MA

    Sr. Cloud Ops Engineer

    IT TrailBlazers, Medford, MA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!