Intermountain Healthcare Medical Equipment Data Security Manager in Salt Lake City, Utah

Job ID:220558
Greater Salt Lake area

About Us

What does it mean to be a part of Intermountain Healthcare? It means that the quest for clinical excellence is not just a goal, but a given. It means building an environment where physicians and employees can deliver the best in healthcare. And it’s realizing each employee or volunteer is vital to the healing process, because we can only achieve theextraordinary together .

Being a part of Intermountain Healthcare means joining with a world-class team of over 36,000 employees and embarking on a career filled with opportunities, strength, innovation, and fulfillment. Our mission is: Helping people live the healthiest lives possible.

Our patients deserve the best in healthcare, and we deliver.

Job Description

The Clinical Engineering (CE) Medical Equipment Data Security Manager is responsible for providing management and direction for the development, implementation, and maintenance of policies, procedures, guidelines, processes, technologies, and measurement of the Clinical Engineering program strategy for medical equipment data security. This includes the operational analysis along with the support, prevention, detection and response to medical equipment threats, vulnerabilities, and incidents. Job duties include the management and oversight of medical equipment networking, remote access control, and integration of devices into automated processes for documentation of patient treatment and equipment performance. Additional responsibilities will include a working relationship with Corporate Compliance to ensure CE adherence to regulatory requirements.

Essential Job Duties

Program Strategy, Performance and Measurement

  • 1. Continues the design, maintenance, management, implementation, and strategic direction of the medical device security program.
  • 2. Implements and manages the evaluation of security risk of medical devices for both patients and infrastructure. Conducts and documents risk assessments on clinical areas that utilize medical devices.
  • 3. Establishes and implements incident and vulnerability response plans within the context of medical device security.
  • 4. Manages solutions related to medical device security and communicates with manufacturers and suppliers regarding security data needs, gaps, vulnerabilities, control requirements, risk assessments, and risk mitigation.
  • 5. Coordinates activities, supervision, and management of the CE Equipment Security Specialists.
  • 6. Prioritizes medical equipment security processes, work flows, and risk mitigation strategies.
  • 7. Works with Supply Chain, Cybersecurity, IT Operations, service providers, manufacturers, and all other organizations associated with medical equipment security.
  • 8. Evaluates and works with all interested parties in the process for patch management, virus protection, network segmentation, and medical equipment integration.

Policy Development, Maintenance and Implementation

  • 1. Provides input and assists in the implementation of policies and procedures regarding medical equipment security, networking, and device integration. Communicates policies and procedures to engage the user community, co-workers, and other departments in following processes to maintain medical equipment security.
  • 2. Presents security awareness content and documents the security awareness program roadmap and metrics.

Project Management and Medical Device Security

  • 1. Manages, supervises, or is a part of complex projects that have medical equipment security implications.
  • 2. Informs leadership of specific concerns if security and compliance recommendations are not followed.
  • 3. Develops, evaluates, manages, and communicates options to mitigate medical equipment security risks, based on research, regulatory or standards requirements, technical knowledge, and business knowledge.
  • 4. Participates in CE audits related to medical equipment security or medical equipment management.

Network and Medical Equipment Integration

  • 1. Manages and assists with medical equipment network system design, architecture, and management. Serves as a management resource in LAN/WAN and wireless networks for medical equipment.
  • 2. Assists with on-site analysis, diagnosis, and resolution of medical equipment network problems.

Medical Equipment Management and Regulatory Compliance

  • 1. Participates in assessing and mitigating risk associated with the management and use of medical equipment.
  • 2. Subject matter expert and resource to others in the safety and security of medical equipment.
  • 3. Analyzes the results of internal and external compliance audits, equipment security breaches, equipment service reports, and other CE data to focus on potential education and implementation of corrective action plans to improve processes and work flows to ensure the security of medical equipment.
  • 4. Assists with or manages the compliance of medical equipment as it pertains to information security, equipment security, network security, and mitigation of risks associated with the use of medical equipment.

Posting Specifics

  • Benefits Eligible: Yes
  • Shift Details: full time, exempt
  • Office location: Salt Lake City, Utah

Minimum Requirements

  • Bachelor's degree. Degree must be obtained through an accredited institution. Education is verified.
  • Five years of experience working in Information Technology networks and equipment integrations.
  • Three years of experience working in Healthcare Information Technology.
  • Three years of experience working in healthcare equipment security or cybersecurity operations.
  • Two years of experience in role requiring the use of an asset inventory control system.
  • Two years of experience managing projects requiring strong interpersonal and organizational skills and performing under stress to meet deadlines.
  • Two years of experience in a role requiring knowledge of, and experience with, healthcare regulations.
  • Two years of experience in a role requiring the demonstrated ability to effectively and confidentially advise and interact with all levels of personnel.
  • Experience using word processing, spreadsheet, database, internet, and scheduling applications.
  • Experience in a role demonstrating effective verbal, written, and interpersonal communication skills.

Physical Requirements

  • Interact with others requiring the employee to communicate information.
  • Operate computers and other equipment requiring the ability to move fingers and hands.
  • See and read computer monitors and documents.
  • Remain sitting or standing for long periods of time to perform work on a computer, telephone, or other equipment.

Preferred Qualifications

  • Master's Degree in Biomedical or Clinical Engineering or IT Security. Degree must be obtained through an accredited institution. Education is verified.
  • Five years of experience working in Clinical Engineering Operations.
  • Five years of experience working in healthcare equipment security or cybersecurity operations.

Please Note

All positions subject to close without notice. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Additional Details:

Working Hours 40

Primary Work Location Supply Chain Center

Expertise Information Technology, Business / Administration

Job Type Full Time

Location US-UT-Salt Lake City