Medical Device Cybersecurity Engineer (Clinical Engineering / HTM)

We are hiring a Clinical Engineering Cybersecurity Specialist to support a hospital-based medical device cybersecurity program in Far Rockaway, NY. This role focuses on protecting connected clinical and biomedical devices through vulnerability management, risk assessments, and implementation of cybersecurity controls across a regulated healthcare environment.

You will work closely with Hospital IT, Information Security, and Clinical Engineering (HTM) teams to ensure medical devices remain secure, compliant, and operational across enterprise healthcare systems.

Key Responsibilities

• Lead collection and validation of Critical Cybersecurity Data Elements (CDEs) within CMMS asset systems
• Perform risk assessments using manufacturer documentation and cybersecurity frameworks (NIST, ISO 27001)
• Oversee secure configuration and hardening of medical devices per manufacturer and hospital standards
• Manage vulnerability remediation programs, including patching, upgrades, and zero-day response coordination
• Coordinate with device manufacturers, hospital IT, and InfoSec teams for remediation and incident response
• Investigate cybersecurity alerts impacting medical devices and develop technical mitigation recommendations
• Conduct network segmentation validation and support security controls testing for clinical devices
• Track and report vulnerability remediation status, KPIs, and risk reduction metrics
• Support HIPAA, FDA, and Joint Commission audit readiness and compliance reporting
• Provide cybersecurity coaching and training to BMETs and HTM staff

Required Qualifications

• Bachelor's degree or equivalent experience
• 3+ years of experience in medical device cybersecurity, healthcare IT, or clinical engineering (HTM)
• Hands-on experience with CMMS platforms in hospital or enterprise healthcare environments
• Strong knowledge of NIST, ISO 27001, HIPAA, FDA, and Joint Commission requirements
• Proven experience leading vulnerability management, risk assessments, and cross-functional cybersecurity initiatives
• Valid driver's license with acceptable driving record

Preferred Qualifications

• Certifications such as CISSP, HCISPP, CEH, or Security+
• Experience in hospital systems, IDNs, university medical centers, or multi-site healthcare organizations
• Background in biomedical engineering, HTM cybersecurity, or regulated healthcare technology operations

Benefits

• Medical, Dental, and Vision insurance
• 401(k) with employer match
• Paid Time Off and company holidays
• Tuition reimbursement and professional development support
• Wellness programs and additional employee benefits