Job Description :
POSITION: MEDICAL DEVICE SECURITY ANALYST
LOCATION: AUGUSTA, GA
FULL TIME
Education: Associates degree required. Associate degree in Applied Science of Technology or equivalent two-year vocational or military education required. Bachelor''s degree preferred.
Experience: Minimum three years clinical or radiology engineering required. Information Systems/ Security preferred.
Licensure/Certification/Registration: CompTIA Security+ or CompTIA Healthcare IT Tech or equivalent preferred.
Additional skills/requirements required: Knowledge in data processing techniques in order to process vulnerability scans into prioritized workflows for addressing the most critically vulnerable infrastructure. Project and data management skills using multiple software applications. Knowledge of servicing medical equipment hardware and software. Knowledge of medical equipment cybersecurity principles and documentation (e.g. MDS2, patch validation, FDA OS patch regulations, FDA reporting, ICS-CERT reports, etc. Knowledge of national laws, regulations, policies, and ethics as they relate to cybersecurity. Knowledge of cyber defense mitigation techniques and vulnerability assessment tools. Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures, utilizing standards-based concepts, and capabilities. Knowledge of Personal Health Information (PHI) and Health Insurance Portability and Accountability Act of 1996 (HIPAA) standards. Interpersonal communication skill, both written and oral, with the ability to communicate effectively to technical and non-technical audiences. Ability to develop productive working relationships with business and technical groups. Ability to effectively prioritize multiple responsibilities. Ability to drive/travel to multiple locations/facilities as needed.
Additional skills/requirements preferred:Knowledge of information security architecture principles. Knowledge of incident response methodologies. Knowledge of security tools (IPS, IDS, Vulnerability Scanner, Network Mapping, Encryption, etc. Knowledge of original equipment manufacturers (OEMs) and their associated equipment. DICOM troubleshooting. Knowledge of the organization’s enterprise CMMS. Knowledge of applicable laws, statutes, directives, regulations and guidelines (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, FDA Postmarket Management of Cybersecurity in Medical Devices) as related to work performed.
SKILLS AND CERTIFICATIONS [note: bold skills and certification are required]
Associates Degree
Military