We’re looking for a candidate to fill this position in an exciting company.
Participate and work with IT team on assessing cybersecurity risk and validating compliance for medical equipment procurement
Facilitate and support deviation report process, including deviation report preparation, presentation, coordination of user endorsement and management authorisation up to approval from MOH
Document cybersecurity risk assessment report and review cybersecurity deviation regularly
Maintain a record of Risk Registration of medical equipment and ensure mitigation control for all IT related risk is implemented
Ensure medical equipment software to be the latest version when it is delivered and plan for patches and updates during equipment lifespan
Take part in medical equipment IT related project and provide necessary support
Work with IT team and vendor on medical equipment server planning and software installation
Oversee health status and vulnerability of medical equipment and servers
Degree in Computer Science, Information Technology related to cybersecurity field with at least 7 years of healthcare or relevant experience; or
Degree in Engineering with at least 10 years of experience in network security and/or system security and/or cybersecurity domain
Experience with various security tools and products (Fortify, AppScan, Nessus etc.)
Preferably if candidate possess certification such as OSCP, CREST, CEH, CISSP, AWS, CISA, CISM or any cloud service security specialty
Strong interpersonal skills, able to communicate effectively to different stakeholders with diverse backgrounds
Vigilant and systematic in identifying cybersecurity risks and enjoys analysing and investigating such issue
Strong leadership skills and good team player, able to communicate well both verbally and in writing
Familiar with cybersecurity standards, protocols and frameworks, and policy of MDOTS, HIM-ISP, etc
Demonstrate strong technical foundation and willingness to learn new technology and approaches
Required to be activated back on site to support cybersecurity and IT related incident management and investigation as necessary