Logo
Kaiser Permanente

Biomedical / IoMT Specialist--Cybersecurity Field Team Job at Kaiser Permanente

Kaiser Permanente, San Francisco, CA, United States


Description: Job Summary:

Supports the technical and inventory activities associated with the delivery of cybersecurity controls for medical, non-medical, and other IoT end point devices as a part of Kaiser Permanente's comprehensive cybersecurity program.

Essential Responsibilities:

  • Utilize hardening guides to coordinate and execute controls to reduce the potential attack surface in the medical and non-medical device environment.
  • Work with other Healthcare Technology Management (HTM) professionals in delivering a robust cybersecurity program.
  • Work with clinical operations to coordinate access to the medical device through a combination of virtual and onsite support to address high/critical vulnerabilities.
  • Collect and validate device and network attributes to ensure a complete and compliant device inventory records.
  • Partner with application owners to ensure the medical device IT controls are compliant and functioning by tracking and reporting of vulnerability remediation activities.
  • Build stakeholder relationships with key vendors, KP cybersecurity consultants and program leads, system administrators, application owners and network strategy consultants.
  • Travel within the local market, as well as other markets, to deploy device cyber controls, perform device inventory management, and support cyber threat responses.
  • Flex to support and work on non-medical end point devices in Facilities, Security, Pharmacy, Research, Lab, and Optical.
  • Stay current with the latest cybersecurity related trends and best practices.
  • May perform other relevant duties and responsibilities as required.
Basic Qualifications:

Experience

  • Minimum five (5) years' experience in IT, biomedical engineering, and/or cybersecurity within a healthcare environment. To include the following:
  • Minimum three (3) years working in IT or operations: 1) Experience with information technology related to workstations, networking, integration, and interoperability of clinical technologies; 2) Experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access; and 3) Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.
  • Minimum 3 years in Biomedical experience with HTM or clinical technology (i.e., devices and systems) used in at least two of the following clinical specialties and related clinical practices: 1) Performing corrective and planned maintenance activities on medical devices; Analyzing and correcting equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue; OR 2) Working with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, and Regulatory standards governing all aspects of imaging equipment.

Education

  • Associate degree or vocational certificate in biomedical instrumentation maintenance and repair, engineering, engineering technology, health care information systems or related field, OR Equivalent DOD Biomedical military training.
  • High school diploma or General Educational Development (GED).

License, Certification, Registration

  • Driver's License (in location where applicable)


Additional Requirements:

  • In-depth technical knowledge of HTM or clinical technology (i.e., devices and systems) used in at least two clinical specialties along with an understanding of the related clinical practices.
  • In-depth knowledge of information technologies as they relate to workstations, networking, integration, and interoperability of clinical technologies.
  • Knowledge and experience placing device hardening controls such as firewall configurations, disabling ports/protocols/services/applications, micro-segmentation, securing wireless communication, installing anti-malware software or agents, credential management, network/device scanning, and/or support secured vendor remote access.
  • Experience in routinely performed corrective and planned maintenance activities on medical devices.
  • Analyzes and corrects equipment malfunctions to include engaging the manufacturer to troubleshoot and resolve the issue.
  • Ability to restores equipment to manufacturers specifications in collaboration with clinical personnel to correct operator-based problems.
  • Experience utilizing network and cybersecurity tools such as Tanium, Phosphorus, CyberArk, ForeScout, Armis, HANK, BlueCat, Nemo, Arujohn, CrowdStrike, Qualys, or Splunk.
  • Ability to follow the manufacturers operational and maintenance instruction manuals.
  • Familiar with HTM modalities, radiologic technology, safety requirements, electrical and mechanical systems, networking theory, Regulatory standards governing all aspects of imaging equipment.
  • Ability to work effectively in a Labor/Management Partnership environment.


Preferred Qualifications:

  • Clinical engineering experience within a healthcare technology management department.
  • Bachelor degree in computer science, Biomedical/Clinical engineering, engineering, engineering technology, health care information systems or related field.
  • BMET Certification in one or more of the following in medical instrumentation by military, RSTI, ACI, HIMSS, ACCE, ISC2, SANS (GIAC), or similar organization.
  • Cyber related certifications in one or more of the following: in Comp TIA, Comp TIA Security+, GIAC Information Security Fundamentals (GISF), and/or Comp TIA PenTest.

#LI-DB1

Primary Location: California,San Francisco,San Francisco 2425 Geary Hospital
Additional Locations:

La Mesa Medical Offices, 8080 Parkway Dr., La Mesa,California, 91942
Santa Clara Hospital, 700 Lawrence Express Wy., Santa Clara,California, 95051
Scheduled Weekly Hours: 40
Shift: Day
Workdays: Mon, Tue, Wed, Thu, Fri
Working Hours Start: 08:00 AM
Working Hours End: 05:00 PM
Job Schedule: Full-time
Job Type: Standard
Worker Location: Flexible
Employee Status: Regular
Employee Group/Union Affiliation: NUE-PO-01|NUE|Non Union Employee
Job Level: Individual Contributor
Department: Oakland Reg - 1800 Harrison - National Clinical Technology - 0308
Pay Range: $96800 - $130900 / year Kaiser Permanente strives to offer a market competitive total rewards package and is committed to pay equity and transparency. The posted pay range is based on possible base salaries for the role and does not reflect the full value of our total rewards package. Actual base pay determined at offer will be based on labor market data and a candidate's years of relevant work experience, education, certifications, skills, and geographic location.
Travel: Yes, 75 % of the Time
Flexible: Work location is on-site at a KP location, with the flexibility to work from home. Worker location must align with Kaiser Permanente's Authorized States policy. At Kaiser Permanente, equity, inclusion and diversity are inextricably linked to our mission, and we aim to make it a part of everything we do. We know that having a diverse and inclusive workforce makes Kaiser Permanente a better place to receive health care, a more supportive partner in our communities we serve, and a more fulfilling place to work. Working at Kaiser Permanente means that you agree to and abide by our commitment to equity and our expectation that we all work together to create an inclusive work environment focused on a sense of belonging and wellbeing.

Kaiser Permanente is an equal opportunity employer committed to a diverse and inclusive workforce. Applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), age, sexual orientation, national origin, marital status, parental status, ancestry, disability, gender identity, veteran status, genetic information, other distinguishing characteristics of diversity and inclusion, or any other protected status. Submit Interest