Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756) - ITmPowered Consulting : Job Details

Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756)

Join to apply for the Sr. IT Auditor Consultant, Hospital Medical Device IT Controls (BHJOB22048_756) role at ITmPowered Consulting.

Overview

Be on the frontlines of Technology Risk in the emerging area of Medical Device Cybersecurity! A large national hospital network can have over 350,000 connected medical devices. Many of these interconnected devices (hospital imaging equipment, patient monitoring, IV pumps, blood spinners) and connected hospital facilities devices (elevators, door locks, ID Card readers) are exposed publicly and vulnerable to cyber-attack. To help protect this large IoMT network, our client is implementing customized IT Controls to secure their Medical Devices, Healthcare Technology Management Operations, and Hospital Facilities connected IT devices.

Role Details

• Contract position based in Atlanta
• Posted 2 years ago

Responsibilities

• Conduct IT Controls Assessments for approximately 20 custom Medical Device cybersecurity controls enterprise-wide.
• Perform full lifecycle audits: scope, plan, fieldwork, reporting, assessing both control design and execution.
• Lead end-to-end IT Controls Assessments, including scoping, planning, controls testing, and reporting.
• Document IT Controls processes and narratives.
• Gather and document detailed control testing artifacts.
• Write comprehensive IT Controls Assessment Reports, including findings, risk severity, and remediation recommendations.
• Assess IT risk controls across various domains such as IAM, network security, logging, vulnerability management, and change management.

Qualifications

• Bachelor's degree in IT, CS, MIS, or related field, or equivalent experience.
• 3-5 years leading end-to-end IT audits.
• CISA certification; CISSP, CCSP, CEH, CRISA, Security+ or similar certifications preferred.
• Experience with IT control frameworks like NIST 800-53, RMF, CSF, HITRUST.
• Knowledge of regulatory frameworks such as HIPAA, PCI, SOX, GDPR.

Preferred Experience

• Hospital environment managing electronic medical devices.
• Experience in medical device cybersecurity or operations.
• Certifications like CHTM, CBET, CABT, CRES, or related cybersecurity certifications.
• Familiarity with hospital Medical Device Management systems like Nuvolo.

Logistics & Requirements

• Remote work in the US, preferably Colorado or Georgia.
• COVID-19 vaccination and booster required or valid medical exemption.
• Successful completion of background check, drug screening, and employment verification.
• Must be a US citizen or Green Card holder; no visa sponsorship available.
• W2 employment only; no sub-vendors.
• Include current contact info on resume.

To apply, email your details to [email protected].

#J-18808-Ljbffr