Biomedical Technician III - Medical Device Cybersecurity
- Requisition #: 157291
- Location: Houston, TX
- Posted Date: 3/10/2023
The University of Texas MD Anderson Cancer Center in Houston is one of the world's most respected centers focused on cancer patient care, research, education and prevention. It was named the nation's No. 1 hospital for cancer care in U.S. News & World Report's 2021-2022 rankings. It is one of the nation's original three comprehensive cancer centers designated by the National Cancer Institute.
This position is a hybrid role, acting as a Biomedical Equipment Technician-III (senior level technician or engineer) and as the Clinical Engineering liaison to the Cybersecurity and Information Technology-Information Service (IT-IS) departments. Working on a wide variety of projects, assignments and activities, this role will lead the implementation of the medical device security program, Vulnerability Management process management, prioritizing policies and standards for cybersecurity measures, performing network related support of repair/maintenance and project activities on a wide variety of complex, computerized and networked (wired & wireless) medical systems. Provides guidance and assistance in coordinating ongoing medical device risk analysis and solutions related to Governance and Compliance, using secure solutions to support vulnerabilities and endpoint tools. Supports complex, Priority 1 Life Support equipment that requires specialized training and expertise. This equipment will be inclusive of all
ventilation and anesthesia equipment. Provides technical & On Call support on the analysis, maintenance, calibration, installation and upgrades on ALL modalities of medical, Surgical and scientific electronic equipment. Local Area Network basics meets the needs of equipment support and communication needs. Demonstrate technical support, pre-purchase evaluations, incident investigations and project management for defined equipment for the institution. Coordinate inside/outside vendor support activity to obtain completion of equipment support activity and contract compliance.
Support, Review and Implementation of Medical Device Network Security
- Interpret results of security toolsets and logs to assess risks to the institution and steps for proper mitigation.
- Knowledge of medical device security issues and initiatives, including network troubleshooting, system troubleshooting, ability to read network diagrams and ability to perform computer configuration and assessment.
- Knowledge of information security concepts and domains to apply correct methodologies to bring normal operational processes. (OWASP, CVSS, CIS, CVE etc.) - Knowledge of security systems and tools such as Medigate, web application scanning, encryption, anti-malware, HIDS and EDR.
- Knowledge of application of security controls to computer software and hardware - Vulnerability management including assessing vulnerability reports & scanning from tools such as Medigate, interpreting results, triaging priority, and assisting with remediation planning, working closely with Cybersecurity and IT-IS teams
Demonstrated Technical Competency and Training
- Demonstrate knowledge of computer enterprise hardware, software, cloud, and network security issues, architectures, and approaches.
- Clearly and completely summarize the threat/risk of a vulnerability, mitigations, and compensating controls, including network exposure.
- Detail oriented recording of security procedures, processes, and workflows, demonstrating knowledge of other areas of IT, department processes and procedures. - Understanding of privacy and legal issues in a regulated higher-education healthcare environment as well as industry trends and threats.
- Demonstrate technical support for all modalities of medical, surgical and scientific electronic, equipment and conduct electrical safety inspections for the institution to the component level.
- Customer service and/or technical team(s) support deliver products and services no later than the Project/Assignment Due date.
- Utilization of software skills and Local Area Network basics meeting needs of equipment support and communication needs.
- On Call support will be provided after normal working hours on a rotational basis - Support patient medical equipment pre-purchase evaluations, incident investigations and project management that are consistent with knowledge and experience.
- Coordinates outside support activity with vendors and clients to obtain completion of equipment support activity / contracts.
- Provide Nursing In services on equipment operational issues to reduce Operator Errors while improving patient quality of care
- Demonstrated knowledge of regulatory guidelines and hospital Policy & Procedures that govern Biomed equipment support operations.
- Demonstrating quick adaptation to new technologies appropriately.
Customer Communication related to Equipment support activities and status
- Communicate with clients to obtain access to equipment, resolve equipment issues and minimize equipment downtime resulting in safe / operational equipment to our patients and operators
- Demonstrated interpersonal skills, working effectively utilizing open and constructive lines of communication with various organizational levels, teams and customers throughout alerts responses and mitigation of network security threat analysis and investigation, communicating general medical device repair status in conversations and emails, in a financially responsible manner.
Other duties as assigned
Education: Associate degree in Biomedical Technology (BMET) or Electronic Engineering.
Preferred Education: Bachelor's Level Degree
Certification Required: None
Preferred Certification: Applicable certifications (PMP, CBET, CompTIA Core/CCNA/MTA/equivalent).
Experience Required: Four years of Biomedical Technology experience. May substitute required education degree with additional years of equivalent experience on a one to one basis.
Preferred Experience: Six years as a Biomedical Equipment Technician, Field Service Engineer, Medical Equipment Support Specialist or Information Technology (Cybersecurity) Specialist supporting related medical equipment security activities.
Onsite Presence: Is Required
It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law. http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html
Additional Information
#LI-Onsite
This position is a hybrid role, acting as a Biomedical Equipment Technician-III (senior level technician or engineer) and as the Clinical Engineering liaison to the Cybersecurity and Information Technology-Information Service (IT-IS) departments. Working on a wide variety of projects, assignments and activities, this role will lead the implementation of the medical device security program, Vulnerability Management process management, prioritizing policies and standards for cybersecurity measures, performing network related support of repair/maintenance and project activities on a wide variety of complex, computerized and networked (wired & wireless) medical systems. Provides guidance and assistance in coordinating ongoing medical device risk analysis and solutions related to Governance and Compliance, using secure solutions to support vulnerabilities and endpoint tools. Supports complex, Priority 1 Life Support equipment that requires specialized training and expertise. This equipment will be inclusive of all
ventilation and anesthesia equipment. Provides technical & On Call support on the analysis, maintenance, calibration, installation and upgrades on ALL modalities of medical, Surgical and scientific electronic equipment. Local Area Network basics meets the needs of equipment support and communication needs. Demonstrate technical support, pre-purchase evaluations, incident investigations and project management for defined equipment for the institution. Coordinate inside/outside vendor support activity to obtain completion of equipment support activity and contract compliance.
Support, Review and Implementation of Medical Device Network Security
- Interpret results of security toolsets and logs to assess risks to the institution and steps for proper mitigation.
- Knowledge of medical device security issues and initiatives, including network troubleshooting, system troubleshooting, ability to read network diagrams and ability to perform computer configuration and assessment.
- Knowledge of information security concepts and domains to apply correct methodologies to bring normal operational processes. (OWASP, CVSS, CIS, CVE etc.) - Knowledge of security systems and tools such as Medigate, web application scanning, encryption, anti-malware, HIDS and EDR.
- Knowledge of application of security controls to computer software and hardware - Vulnerability management including assessing vulnerability reports & scanning from tools such as Medigate, interpreting results, triaging priority, and assisting with remediation planning, working closely with Cybersecurity and IT-IS teams
Demonstrated Technical Competency and Training
- Demonstrate knowledge of computer enterprise hardware, software, cloud, and network security issues, architectures, and approaches.
- Clearly and completely summarize the threat/risk of a vulnerability, mitigations, and compensating controls, including network exposure.
- Detail oriented recording of security procedures, processes, and workflows, demonstrating knowledge of other areas of IT, department processes and procedures. - Understanding of privacy and legal issues in a regulated higher-education healthcare environment as well as industry trends and threats.
- Demonstrate technical support for all modalities of medical, surgical and scientific electronic, equipment and conduct electrical safety inspections for the institution to the component level.
- Customer service and/or technical team(s) support deliver products and services no later than the Project/Assignment Due date.
- Utilization of software skills and Local Area Network basics meeting needs of equipment support and communication needs.
- On Call support will be provided after normal working hours on a rotational basis - Support patient medical equipment pre-purchase evaluations, incident investigations and project management that are consistent with knowledge and experience.
- Coordinates outside support activity with vendors and clients to obtain completion of equipment support activity / contracts.
- Provide Nursing In services on equipment operational issues to reduce Operator Errors while improving patient quality of care
- Demonstrated knowledge of regulatory guidelines and hospital Policy & Procedures that govern Biomed equipment support operations.
- Demonstrating quick adaptation to new technologies appropriately.
Customer Communication related to Equipment support activities and status
- Communicate with clients to obtain access to equipment, resolve equipment issues and minimize equipment downtime resulting in safe / operational equipment to our patients and operators
- Demonstrated interpersonal skills, working effectively utilizing open and constructive lines of communication with various organizational levels, teams and customers throughout alerts responses and mitigation of network security threat analysis and investigation, communicating general medical device repair status in conversations and emails, in a financially responsible manner.
Other duties as assigned
Education: Associate degree in Biomedical Technology (BMET) or Electronic Engineering.
Preferred Education: Bachelor's Level Degree
Certification Required: None
Preferred Certification: Applicable certifications (PMP, CBET, CompTIA Core/CCNA/MTA/equivalent).
Experience Required: Four years of Biomedical Technology experience. May substitute required education degree with additional years of equivalent experience on a one to one basis.
Preferred Experience: Six years as a Biomedical Equipment Technician, Field Service Engineer, Medical Equipment Support Specialist or Information Technology (Cybersecurity) Specialist supporting related medical equipment security activities.
Onsite Presence: Is Required
It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law. http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html
Additional Information
- Requisition ID: 157291
- Employment Status: Full-Time
- Employee Status: Regular
- Work Week: Days
- Minimum Salary: US Dollar (USD) 66,500
- Midpoint Salary: US Dollar (USD) 83,000
- Maximum Salary : US Dollar (USD) 99,500
- FLSA: non-exempt and eligible for overtime pay
- Fund Type: Hard
- Work Location: Onsite
- Pivotal Position: Yes
- Referral Bonus Available?: Yes
- Relocation Assistance Available?: Yes
- Science Jobs: No
#LI-Onsite
