Kaiser Permanente is hiring: IoMT Lead - Cybersecurity Field Team in Oakland
Kaiser Permanente, Oakland, CA, United States
Job Summary: Supports the technical and inventory activities associated with the delivery of cybersecurity controls for medical, non-medical, and other IoT end point devices as a part of Kaiser Permanentes comprehensive cybersecurity program. Function in Lead capacity including, but not limited to, scheduling work, assisting, orienting, and training assigned staff. Essential Responsibilities: Assures smooth running of assigned staff; Assigns tasks in fair and equitable manner; Coordinates operational services through staff. Coordinates and assures completion of outstanding scheduled and unscheduled work; Acts in behalf of manager in his/her absence. Assures proper (timely and accurate) documentation required of subordinate staff. Provides performance-related input of staff assigned to manager; Consults with manager on performance issues; Keeps manager apprised of problems and issues as related to service performance. Utilize hardening guides to coordinate and execute controls to reduce the potential attack surface in the medical and non-medical device environment. Work with other Healthcare Technology Management (HTM) professionals in delivering a robust cybersecurity program. Work with clinical operations to coordinate access to the medical device through a combination of virtual and onsite support to address high/critical vulnerabilities. Collect and validate device and network attributes to ensure a complete and compliant device inventory records. Partner with application owners to ensure the medical device IT controls are compliant and functioning by tracking and reporting of vulnerability remediation activities. Build stakeholder relationships with key vendors, KP cybersecurity consultants and program leads, system administrators, application owners and network strategy consultants. Travel within the local market, as well as other markets, to deploy device cyber controls, perform device inventory management, and support cyber threat responses. Flex to support and work on non-medical end point devices in Facilities, Security, Pharmacy, Research, Lab, and Optical. Stay current with the latest cybersecurity related trends and best practices. May perform other relevant duties and responsibilities as required.. Basic Qualifications: Experience Minimum seven (7) years experience in IT, biomedical engineering, and/or cybersecurity within a healthcare environment. To include the following: Minimum five (5) years working in IT or operations: 1) Experience with information technology related to workstations, networking, integration, and interoperability of clinical technologies; 2) Experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access; and 3) Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk. Minimum five (5) years in BioMedical experience with HTM or clinical technology (i.e., devices and systems) used in at least two of the following clinical specialties and related clinical practices: 1) Performing corrective and planned maintenance activities on medical devices; Analyzing and correcting equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue; OR 2) Working with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, and Regulatory standards governing all aspects of imaging equipment. Minimum three (3) years leadership with or without direct reports Education Bachelors degree in biomedical instrumentation maintenance and repair, engineering, engineering technology, health care information systems or related field, OR four (4) years of additional equivalent DOD Biomedical military training. High school diploma or General Educational Development (GED). License, Certification, Registration Drivers License (in location where applicable) Additional Requirements: In-depth technical knowledge of HTM or clinical technology (i.e., devices and systems) used in at least two clinical specialties along with an understanding of the related clinical practices. In-depth knowledge of information technologies as they relate to workstations, networking, integration, and interoperability of clinical technologies. Knowledge and experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access. Experience in routinely performed corrective and planned maintenance activities on medical devices. Analyzes and corrects equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue. Ability to restores equipment to manufacturers specifications in collaboration with clinical personnel to correct operator-based problems. Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk. Ability to follow the manufacturers operational and maintenance instruction manuals. Familiar with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, Regulatory standards governing all aspects of imaging equipment. Ability to work effectively in a Labor/Management Partnership environment. Preferred Qualifications: Clinical engineering experience within a healthcare technology management department. BMET Certification in one or more of the following in medical instrumentation by military, RSTI, ACI, HIMSS, ACCE, ISC2, SANS (GIAC), or similar organization. Cyber related certifications in one or more of the following: in Comp TIA, Comp TIA Security+, GIAC Information Security Fundamentals (GISF), and/or Comp TIA PenTest. Bachelor degree in computer science, Biomedical/Clinical engineering, engineering, engineering technology, health care information systems or related field. COMPANY: KAISER TITLE: IoMT Lead - Cybersecurity Field Team LOCATION: Oakland, California REQNUMBER: 1310662 External hires must pass a background check/drug screen. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with Federal, state and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran, or disability status.