Senior / Engineer, Biomedical Engineering (2 Years Contract)
Broad Function
As part of BME cybersecurity team to prevent and manage cybersecurity risks associated with medical equipment and servers. This includes monitoring system health, implementing patches and enhancing safety. Collaborate with IT team to establish escalation processes for cyber incidents, develop contingency plans, and implement recovery procedures. Focuses on policy implementation and controls measures to ensure compliance and mitigate risks.
Key Responsibilities and Duties
Specific
i. Assess and address the cybersecurity risks of non-compliance to policy requirement during the acquisition of medical equipment, this includes new equipment and equipment on loan from vendor.
ii. Report and present any non-compliance to policy requirement to seek MOH endorsement
iii. Document cybersecurity risk assessment reports and review cybersecurity risks whenever there are changes for medical equipment configuration or requirement.
iv. Update the Risk Registration for medical equipment and ensure mitigation control for all IT related risks are implemented.
v. Ensure medical equipment software is up to date upon delivery and plan for patches and updates throughout its lifespan.
vi. Monitor equipment MDOTS compliance status during its lifecycle.
vii. Participate in IT-related projects involving medical equipment.
viii. Collaborate with the IT team and vendors on server planning and software installation for medical equipment.
ix. Continuously monitor the health status and vulnerability of medical equipment and servers.
x. Work closely with end users during medical equipment cyber incidents, ensuring mitigation controls are implemented before releasing the equipment back into services.
General
i. Collaborate with IT team to support new equipment onboarding activities and related projects
ii. Provide BME/IT support to ensure medical equipment complies with MDOTS policy guidelines and controls at any stage of its lifecycle.
iii. Perform all other tasks and duties as directed by Head of BME
Job Requirement
Education / Training / Experience
i. Degree in Computer Science, Information Technology related to cybersecurity field with at least 3 years of healthcare or cybersecurity assessment experience for Engineer.
ii. Degree in Computer Science, Information Technology related to cybersecurity field with at least 5 years of healthcare or cybersecurity assessment experience for Senior Engineer.
iii. Experience with various security tools and products (Fortify, AppScan, Nessus etc.)
Professional License (if any)
i. Preferable if candidate possess certification such as OSCP, CREST, CEH, CISSP, AWS,
CISA, CISM or any cloud service security specialty.
Attributes
i. Strong interpersonal skills, able to communicate effectively to different stakeholders with
diverse backgrounds.
ii. Vigilant and systematic in identifying cybersecurity risks and enjoys analysing and
investigating such issue.
iv. Good team player, able to communicate well both verbally and in writing.
v. Familiar with cybersecurity standards, protocols and frameworks, and policy of MDOTS,
HIM-ISP, etc.
vi. Demonstrate strong technical foundation and willingness to learn new technology and
approaches
Others
i. Required to be activated back on site to support cybersecurity and IT related incident
management and investigation as necessary.
Please be informed that only applications submitted through NHG Career Webpage (corp.nhg.com.sg/Careers), WH Career Webpage (wh.sg/joinus), JobStreet Singapore (jobstreet.com.sg), Singapore Medical Association (sma.org.sg), Singapore Nurses Association (sna.org.sg), MyCareersFuture.sg, LinkedIn and WHC appointed recruitment agencies will be considered. If you are accessing this job posting from another recruitment channel, please visit the official channels mentioned above