DescriptionPosition Accountability / Scope This role reports to the Global Director, Information Security. Candidate is responsible for overseeing cross-functional activities that help product R&D teams build safe and secure medical devices & services that are compliant with industry regulation and meet customer and patient security/safety expectations. Candidate will be the key point of contact for all products security related queries from frontline staff and managers, including product R&D teams across division. Primary Job Function Cybersecurity oversight for medical and non-medical products across division Medical/Non-Medical devices risk management Cybersecurity assessments of devices & services Cybersecurity complaint handling for all products Deployment of cybersecurity technology Customer cybersecurity queries and communication Core Job Responsibilities Develop best practices for the design of cyber secure products. Coordinate with the division R&D teams to conduct security risk assessment of all devices & services and develop mitigation plans. Coordinate with the division R&D teams to assess security on devices & services by conducting technical testing to identify and address security vulnerabilities. Define specific hardware and software architectures for our products to reduce or eliminate cyber vulnerabilities Alignment of division R&D Product Cybersecurity Risk Management processes with R&D Safety Risk Management processes for medical/non-medical devices Build a metrics program that leverages assessment data, internal and external vulnerability & threat intelligence sources, supplier data, and product profiles to provide insight into future trends. Collaborate with product R&D teams across division to create and maintain a Secure Product Development Lifecycle process to ensure that cybersecurity requirements/controls can be embedded within the product development process Develop and employ an ongoing product cybersecurity communications, training and awareness program tailored to the evolving needs of the business and specific requirements of various user groups through change management Build and maintain executive relationships necessary for the successful execution of the division product cybersecurity program. This includes: Developing and maintaining external and internal relationships to influence product cybersecurity policy, standards, and program Alignment with and incorporation of regulatory requirements Enhancing secure interoperability and communications with extended entities (internal and external) Stay abreast of changes in the business and product environment as well as the evolving regulatory and threat landscapeSkillsProduct security, Cyber security, CISSP, CRISC, CISA, NIST, FedRAMP, R&D, Information security, Security architectureTop Skills DetailsProduct security,Cyber security,CISSP,CRISC,CISA,NIST,FedRAMP,R&DAdditional Skills & Qualifications Previous work experience in healthcare or medical device cybersecurity role is required Experience with medical device certifications from government agencies is preferred Strong understanding of cybersecurity and the relationship between threat, vulnerability and potential customer risk in the context of risk management Strong understanding of medical product safety risk and the relationship with product cybersecurity risk Certifications such as CISA, CRISC, CISSP, CPP or CFE are preferred Two years of experience working in a medical device engineering or support is preferred Familiarity with FDA cybersecurity guidelines for medical devices Familiarity with design of medical devices such as optical lasers, hand held point of care devices, diagnostic devices etc. is a plus Deep understanding of industry standards such as the NIST Cybersecurity Framework, FedRAMP, RMF etc. Knowledge about the latest security technologies and tools used within the product security domain, such as PKI, firewalls, IDS/IPS, 2-factor authentication, network segmentation, etc. is highly desiredExperience LevelIntermediate LevelPay and BenefitsThe pay range for this position is $60.00 - $65.00 Medical, dental & vision Critical Illness, Accident, and Hospital 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available Life Insurance (Voluntary Life & AD&D for the employee and dependents) Short and long-term disability Health Spending Account (HSA) Transportation benefits Employee Assistance Program Time Off/Leave (PTO, Vacation or Sick Leave)Workplace TypeThis is a fully remote position.Application DeadlineThis position will be accepting applications until Dec 6, 2024.About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
