Clinical Engineering Cybersecurity Specialist
Our client is seeking a Clinical Engineering Cyber Specialist to lead the technical execution of its medical‑device cybersecurity program. This role is responsible for implementing cybersecurity controls, conducting risk assessments, supporting vulnerability remediation, and collaborating closely with clinical engineering, IT, and information security teams to protect medical devices across the hospital environment.
This position is onsite and requires hands‑on work with clinical assets, cybersecurity tools, and cross‑functional teams.
Onsite | No Visa Sponsorship | No Relocation Assistance
Location: Far Rockaway, NY
Responsibilities:
Technical Cybersecurity Operations (Primary Focus)
- Support IT projects that impact medical devices or clinical networks.
- Test and validate network segmentation rules in partnership with hospital IT teams.
- Perform risk assessments for medical devices based on CDEs, configuration, and manufacturer guidance.
- Oversee device configuration to ensure alignment with cybersecurity standards and recommended controls.
- Lead vulnerability remediation, including planned patching, upgrades, and unplanned/zero‑day threat response.
- Collect and validate Critical Cybersecurity Data Elements (CDEs) and manufacturer documentation within the CMMS.
- Coordinate with device manufacturers, IT, and InfoSec teams to validate remediation steps and ensure device availability.
- Investigate cybersecurity alerts affecting medical devices and analyze high‑risk vulnerabilities to develop response recommendations.
Program & Process Support
- Track and report on vulnerability remediation progress, KPIs, and risk‑reduction activities.
- Identify opportunities to improve cybersecurity practices across clinical engineering and IT.
- Maintain quality control of cybersecurity documentation and asset records within the CMMS.
Training & Awareness
- Support cybersecurity education for clinical engineering teams.
- Participate in industry cybersecurity workgroups or forums as a technical representative.
- Coach BMETs on cybersecurity hygiene, device configuration expectations, and out‑of‑box controls.
Regulatory & Compliance Support
- Support enterprise‑level cybersecurity audit activities as needed.
- Provide technical input during hospital audits involving cybersecurity, including HIPAA and Joint Commission.
Qualifications (Must-Haves)
- Valid driver's license and acceptable driving record.
- Ability to collaborate with clinical engineering, IT, InfoSec, and device manufacturers.
- Minimum 3 years of experience in medical‑device cybersecurity or a healthcare technology environment.
- Experience leading technical cybersecurity initiatives, including vulnerability remediation and risk assessments.
- Bachelor's degree in a related field or equivalent hands‑on experience in healthcare cybersecurity, clinical engineering, or medical‑device security operations.
- Strong knowledge of CMMS platforms, cybersecurity frameworks (NIST, ISO), FDA and Joint Commission regulatory expectations, and HIPAA and healthcare compliance.
Preferred Skills:
- Certifications such as CISSP, HCISPP, CEH, or Security+.
- Experience supporting cybersecurity education or coaching technical teams.
- Familiarity with SIEM tools, vulnerability management platforms, and network segmentation technologies.
Work Environment:
- Full‑time, onsite role supporting a hospital environment.
- Requires hands‑on work with clinical devices, CMMS platforms, and cybersecurity tools.
- Collaboration with multiple departments, including clinical engineering, IT, InfoSec, and external manufacturers.
Benefits & Perks:
- Wellness Programs
- Tuition Reimbursement
- Medical, Dental, and Vision
- Career Growth Opportunities
- Paid Time Off and Company Holidays
- 401(k) plan with matching contributions