Cyber Security-Product Development Support Specialist
OverviewLMI is seeking an experienced USAMMDA Cyber Security-Product Development Support Specialist to support our DoD customer with the advanced development, fielding, maintenance and sustainment of military medical equipment.
This hybrid position (partial onsite, partial remote work) supports our client at Fort Detrick, MD and our LMI office is within 10 miles of Fort Detrick.
At LMI, we're reimagining the path from insight to outcome at the new speed of possible.
Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success.
We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability.
LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.
USAMMDA is the largest Department of Defense's (DoD) medical materiel development activity designed to protect and preserve the lives of Warfighters.
USAMMDA develops, modernizes, procures, and fields new drugs, vaccines, medical devices and support equipment that enhances readiness, ensuring the provision of the highest quality medical care to the DoD and maximizing survival of medical casualties on the battlefield.
Responsibilities The cyber security developer will serve as a technical expert concerning programmatic information technology (IT) security/information assurance (IA), cybersecurity, and Risk Management Framework.
The cyber security developer will provide program development support in planning, developing, implementing, and maintaining medical device equipment (MDE) security programs to ensure the confidentiality, integrity, and availability of MDE systems, networks, and data/information programs.
The cyber security developer will provide advice and guidance on a wide range and variety of complex IT, cybersecurity, and RMF issues, which cover development and modernization program systems and services.
The cyber security developer will provide cybersecurity and RMF programmatic support on programming techniques, equipment characteristics, systems, and network software characteristics for MDE.
The cyber security developer will be knowledgeable in DoD, DA, DHA, and National Institute of Standards and Technology (NIST) security regulation standards, including information technology security/information assurance laws, regulations, standards, principles, practices, and concepts in order to evaluate the effectiveness of cybersecurity and RMF procedures and operations used in product development to safeguard all MDEs.
Program elements include security management, software security, IT equipment security, procedural security, data communications security, and Protected Health Information (PHI) security.
The cyber security developer will ensure that MDE design complies with DOD and Army IA requirements and participates in IPT recommending system changes and modifications to ensure the development of related system security measures.
The cyber security developer will review and evaluate the security impact of MDE system changes, including interfaces with other systems.
The cyber security developer will support the government in ensuring all MDE systems are operated and maintained according to higher authority regulations.
The cyber security developer will support the conduct of threat and vulnerability inspections and identify technical vulnerabilities, risk assessments, and determine effective measures to minimize such risks.
The cyber security developer will prepare and report inspection findings/recommendations to the government cybersecurity representative.
The cyber security developer will support the management of the review of systems audit trails and ensure the thorough investigation of discrepancies.
The cyber security developer will conduct threat and vulnerability security awareness requirements training for IPTs.
The cyber security developer will provide expert advice/guidance pertinent to IA and cybersecurity program policies, guides, and procedures during all stages of the MDE acquisition process.
The cyber security developer will participate as an integrated product team member in conducting broad and comprehensive cybersecurity reviews, investigations, and studies for development and modernization programs to evaluate the cybersecurity posture of MDE.
The cyber security developer will support the enforcement of security policies and safeguards for MDE systems, including recommending stopping system operation if warranted by the seriousness of security violations.
The cyber security developer will support the development of cybersecurity plans, local policy guidance, regulations, and procedures, and standard operating procedures to ensure regulatory requirements are followed.
The cyber security developer will conduct and participate in various cybersecurity/RMF meetings with IPTs, Army, and DHA organizational elements and representatives of other commands to plan, evaluate, and determine appropriate measures needed to ensure programmatic security requirements are met.
The cyber security developer will be knowledgeable about security-related information technologies and tools such as Internet Protocol Suite (IP), Domain Name Service (DNS), Authentication, Remote Access, Routing and Switching, Public Key Infrastructure (PKI), Identity and Access Management, Encryption, and Assured Compliance Assessment Solution (ACAS)/Numerical Evaluation of Stochastic Structures Under Stress (NESSUS) scans.
The work requires in-depth analysis of MDE cybersecurity postures.
The cyber security developer will be knowledgeable about the Defense adaptive acquisition framework processes.
Qualifications Education:
Bachelor's Degree in Information Technology or Related Field
Experience:
10 years' experience Required:
Ability to obtain NACI (background investigation) Desired:
Seven (7) years of experience with medical product development, DoD T&E requirements, and regulatory approval processes Medical Product Development:
Experience with medical product development, particularly in the context of cybersecurity and information assurance for medical device equipment (MDE).
DoD T&E Requirements:
Familiarity with DoD Test and Evaluation (T&E) requirements, procedures, and protocols related to cybersecurity testing and validation of MDE systems.
Regulatory Approval Processes:
Knowledge of regulatory approval processes for medical devices, including cybersecurity considerations, to ensure compliance with relevant laws and standards (e.
g.
, regulations, medical device cybersecurity guidance).
Communication with Regulators:
Ability to effectively communicate with regulatory agencies and authorities regarding cybersecurity aspects of medical product development and approval.
Documentation and Reporting:
Strong skills in documenting cybersecurity measures, risk assessments, and security findings, and presenting them in clear and concise reports.
Continuous Learning:
Demonstrated commitment to continuous learning and staying updated with the latest developments in medical device cybersecurity, regulations, and industry best practices.
Recommended Skills Authentications Confidentiality Cryptography Dns Information Assurance Integrated Product Team Estimated Salary: $20 to $28 per hour based on qualifications.
This hybrid position (partial onsite, partial remote work) supports our client at Fort Detrick, MD and our LMI office is within 10 miles of Fort Detrick.
At LMI, we're reimagining the path from insight to outcome at the new speed of possible.
Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success.
We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability.
LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.
USAMMDA is the largest Department of Defense's (DoD) medical materiel development activity designed to protect and preserve the lives of Warfighters.
USAMMDA develops, modernizes, procures, and fields new drugs, vaccines, medical devices and support equipment that enhances readiness, ensuring the provision of the highest quality medical care to the DoD and maximizing survival of medical casualties on the battlefield.
Responsibilities The cyber security developer will serve as a technical expert concerning programmatic information technology (IT) security/information assurance (IA), cybersecurity, and Risk Management Framework.
The cyber security developer will provide program development support in planning, developing, implementing, and maintaining medical device equipment (MDE) security programs to ensure the confidentiality, integrity, and availability of MDE systems, networks, and data/information programs.
The cyber security developer will provide advice and guidance on a wide range and variety of complex IT, cybersecurity, and RMF issues, which cover development and modernization program systems and services.
The cyber security developer will provide cybersecurity and RMF programmatic support on programming techniques, equipment characteristics, systems, and network software characteristics for MDE.
The cyber security developer will be knowledgeable in DoD, DA, DHA, and National Institute of Standards and Technology (NIST) security regulation standards, including information technology security/information assurance laws, regulations, standards, principles, practices, and concepts in order to evaluate the effectiveness of cybersecurity and RMF procedures and operations used in product development to safeguard all MDEs.
Program elements include security management, software security, IT equipment security, procedural security, data communications security, and Protected Health Information (PHI) security.
The cyber security developer will ensure that MDE design complies with DOD and Army IA requirements and participates in IPT recommending system changes and modifications to ensure the development of related system security measures.
The cyber security developer will review and evaluate the security impact of MDE system changes, including interfaces with other systems.
The cyber security developer will support the government in ensuring all MDE systems are operated and maintained according to higher authority regulations.
The cyber security developer will support the conduct of threat and vulnerability inspections and identify technical vulnerabilities, risk assessments, and determine effective measures to minimize such risks.
The cyber security developer will prepare and report inspection findings/recommendations to the government cybersecurity representative.
The cyber security developer will support the management of the review of systems audit trails and ensure the thorough investigation of discrepancies.
The cyber security developer will conduct threat and vulnerability security awareness requirements training for IPTs.
The cyber security developer will provide expert advice/guidance pertinent to IA and cybersecurity program policies, guides, and procedures during all stages of the MDE acquisition process.
The cyber security developer will participate as an integrated product team member in conducting broad and comprehensive cybersecurity reviews, investigations, and studies for development and modernization programs to evaluate the cybersecurity posture of MDE.
The cyber security developer will support the enforcement of security policies and safeguards for MDE systems, including recommending stopping system operation if warranted by the seriousness of security violations.
The cyber security developer will support the development of cybersecurity plans, local policy guidance, regulations, and procedures, and standard operating procedures to ensure regulatory requirements are followed.
The cyber security developer will conduct and participate in various cybersecurity/RMF meetings with IPTs, Army, and DHA organizational elements and representatives of other commands to plan, evaluate, and determine appropriate measures needed to ensure programmatic security requirements are met.
The cyber security developer will be knowledgeable about security-related information technologies and tools such as Internet Protocol Suite (IP), Domain Name Service (DNS), Authentication, Remote Access, Routing and Switching, Public Key Infrastructure (PKI), Identity and Access Management, Encryption, and Assured Compliance Assessment Solution (ACAS)/Numerical Evaluation of Stochastic Structures Under Stress (NESSUS) scans.
The work requires in-depth analysis of MDE cybersecurity postures.
The cyber security developer will be knowledgeable about the Defense adaptive acquisition framework processes.
Qualifications Education:
Bachelor's Degree in Information Technology or Related Field
Experience:
10 years' experience Required:
Ability to obtain NACI (background investigation) Desired:
Seven (7) years of experience with medical product development, DoD T&E requirements, and regulatory approval processes Medical Product Development:
Experience with medical product development, particularly in the context of cybersecurity and information assurance for medical device equipment (MDE).
DoD T&E Requirements:
Familiarity with DoD Test and Evaluation (T&E) requirements, procedures, and protocols related to cybersecurity testing and validation of MDE systems.
Regulatory Approval Processes:
Knowledge of regulatory approval processes for medical devices, including cybersecurity considerations, to ensure compliance with relevant laws and standards (e.
g.
, regulations, medical device cybersecurity guidance).
Communication with Regulators:
Ability to effectively communicate with regulatory agencies and authorities regarding cybersecurity aspects of medical product development and approval.
Documentation and Reporting:
Strong skills in documenting cybersecurity measures, risk assessments, and security findings, and presenting them in clear and concise reports.
Continuous Learning:
Demonstrated commitment to continuous learning and staying updated with the latest developments in medical device cybersecurity, regulations, and industry best practices.
Recommended Skills Authentications Confidentiality Cryptography Dns Information Assurance Integrated Product Team Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
