Medical Device Cybersecurity Analyst

Position Title: Medical Device Cybersecurity Analyst
Location: York Pennsylvania (Hybrid)
Duration: 12 Months

Job Summary

We are seeking a Medical Device Cybersecurity Analyst with a strong healthcare background to support cybersecurity operations across connected medical devices in hospital environments.

This role sits at the intersection of biomedical engineering and information security focusing on monitoring cybersecurity platforms triaging risks and coordinating remediation activities such as patching firmware updates and mitigation strategies. The ideal candidate will have hands-on experience with medical devices asset management systems and healthcare cybersecurity practices.

Key Responsibilities

• Monitor and respond to findings from Intelass medical device cybersecurity and asset management platform.
• Analyze alerts triage risks and coordinate mitigation efforts across hospital environments.
• Create assign and manage security-related work orders within the CMMS system.
• Perform gap analysis between discovered assets and CMMS inventory.
• Ensure timely completion of work orders aligned with defined KPIs.
• Research OEM-approved patches and firmware upgrades; maintain an updated repository.
• Collect and manage MDS2 (Manufacturer Disclosure Statement for Medical Device Security) documentation.
• Generate bi-weekly monthly and quarterly cybersecurity and asset reports.
• Collaborate with clients to implement mitigation strategies and compensating controls.
• Maintain operational security metrics to evaluate effectiveness of controls.
• Assist in threat intelligence monitoring including zero-day vulnerabilities.
• Support development of best practices for risk management of connected medical devices.
• Ensure compliance with healthcare regulations patient safety standards and device governance requirements.
• Participate in internal councils and continuous improvement initiatives.

Required Qualifications

• Hands-on experience with medical equipment maintenance and systems
• Strong understanding of operating systems networking and cybersecurity fundamentals
• Ability to interpret technical documentation and manuals
• Experience working in fast-paced unstructured environments
• Strong analytical skills with high attention to detail
• Excellent written and verbal communication skills
• Willingness to travel (including occasional overnight travel)

Preferred Qualifications

• Healthcare industry experience including Biomedical and Diagnostic Imaging systems
• Knowledge of medical device cybersecurity practices
• Experience with CMMS (Computerized Maintenance Management Systems)
• Familiarity with medical device asset discovery and risk analysis platforms
• Background in process improvement initiatives

Education & Certifications

• Associates degree in Information Technology Biomedical Engineering or related field (required)
• CompTIA Security certification (to be obtained within 35 years of employment)
• BMET (Biomedical Equipment Technician) certification preferred