Cybersecurity IOT IOMT Analyst- NY, NY (hybrid)

Job Summary

ESSENTIAL DUTIES AND RESPONSIBILITIES:
Monitors and responds to Crothall’s comprehensive IoT, medical device asset, and cybersecurity management platform findings and mitigating steps.  
Engage and work with Client’s IT department to inform of steps that can be taken on Clients network or enterprise security tools
Correlate and perform GAP analysis on discovered IoT and IoMT devices 
Triage, respond and assign work orders generated from Crothall’s CMMS cybersecurity module as appropriate
Ensure work orders are completed within defined KPI’s and assist on site Crothall resources if needed for successful completion 
Develop and maintain periodic IoT/IoMT cybersecurity risk reports to client IT department
Research and engage OEMs for available approved patches, firmware upgrades, and MDS2 forms
Assist in developing practical strategies to reduce cybersecurity risks related to IoT/IoMT   
Maintain database of approved patches, firmware upgrades, and MDS2 forms
Collaborate and work with Client to respond and coordinate mitigating steps and compensating controls on IoT and contracted medical devices that may arise from Clients passive asset discovery and risk assessment technology
Participate and contribute to Crothall’s CEIT Council
Collaborates with internal stakeholders to identify organizational needs or gaps and develops appropriate cybersecurity strategy
Maintains operational cybersecurity metrics to measure the effectiveness of security controls and identify opportunities for improvement  
Contribute to Crothall’s cybersecurity training 
Assist in threat intelligence gathering, monitoring of zero-day alerts, and development of incident response plans for Clients  
Assist in development and implementation of continued best practices and risk management of IoT/IoMT devices 
Assures compliance with all regulatory standards including patient safety and all relative criteria governing the safe and appropriate use, testing and management of medical devices.

Participate in Client meetings and committees as it applies to medical device security 
Other duties as assigned 

MINIMUM QUALIFICATIONS: 

Knowledge of the operation and prior experience with managing connected IoT/IoMT devices and associated cybersecurity risks
Knowledge of the operation and prior hands-on experience with biomedical equipment and associated systems
2+ years proven experience in cybersecurity 
Experience with process improvement 

PREFERRED QUALIFICATIONS: 
5 years healthcare experience; General knowledge of Biomedical Equipment and Diagnostic Imaging
Experience with cybersecurity in the healthcare environment
Knowledge of Computerized Maintenance Management Systems (CMMS) 
Knowledge of connected medical device asset discovery and risk analysist platforms 

EDUCATION:
Bachelor’s degree in Information Technology or Biomedical Engineering or equivalent required 
Security+ required 
HCISPP, CISPP preferred