Medical Device Cybersecurity Engineer; Clinical Engineering​/HTM

Job Overview

We are seeking a Clinical Engineering Cyber Specialist to support and lead medical device cybersecurity operations within a hospital environment. This role is responsible for implementing cybersecurity controls, performing device risk assessments, managing vulnerability remediation, and partnering closely with Hospital IT, Information Security, and medical device manufacturers.

You will play a key role in protecting clinical systems by ensuring medical devices remain secure, compliant, and operational in alignment with healthcare cybersecurity standards.

• Lead collection and validation of Critical Cybersecurity Data Elements (CDEs) within CMMS systems
• Perform risk assessments on medical devices using manufacturer documentation and cybersecurity frameworks
• Oversee the secure configuration of medical devices in alignment with the manufacturer and hospital cybersecurity standards

• Manage planned vulnerability remediation (patching, upgrades, mitigation planning)
• Lead response to unplanned threats, including zero-day vulnerabilities
• Investigate cybersecurity alerts impacting medical devices and develop mitigation recommendations
• Track, document, and report remediation status and cybersecurity KPIs

• Coordinate with Hospital IT, Info Sec teams, and medical device vendors to resolve security issues
• Support network segmentation validation and related cybersecurity controls
• Provide technical guidance for IT projects impacting clinical devices

• Support HIPAA, FDA, and Joint Commission cybersecurity compliance activities
• Contribute to audit readiness and cybersecurity reporting
• Identify opportunities to improve HTM cybersecurity practices and documentation quality

• Support cybersecurity awareness training for HTM teams and BMETs
• Coach staff on device cybersecurity hygiene and best practices
• Participate in industry cybersecurity forums and working groups

• Bachelor's degree or equivalent experience
• Minimum 3 years of experience in medical device cybersecurity, HTM, clinical engineering, or healthcare technology environments
• Hands-on experience with CMMS platforms and medical device asset management
• Strong understanding of cybersecurity frameworks (NIST, ISO)
• Working knowledge of FDA guidance, HIPAA, and Joint Commission requirements
• Experience with vulnerability management, risk assessments, and technical remediation coordination
• Valid driver's license with acceptable driving record

• CISSP, HCISPP, CEH, or CompTIA Security+ certification
• Experience working in hospital systems, integrated delivery networks (IDNs), or large healthcare environments
• Background in biomedical engineering (BMET), HTM, or clinical engineering teams
• Familiarity with network segmentation and healthcare IoT/medical device security

• Medical, dental, and vision insurance
• 401(k) with employer match
• Paid time off and holidays
• Tuition reimbursement and career development opportunities
• Additional benefits provided upon hire