Job Description

Job Overview

We are seeking a highly specialized Biomedical Cybersecurity Engineer to join our healthcare cybersecurity team in Jaipur, Rajasthan. The Biomedical Cybersecurity Engineer will be responsible for securing medical devices, Internet of Medical Things (IoMT) ecosystems, and biomedical equipment across healthcare facilities and hospital networks for enterprise and multinational clients. This role requires deep technical expertise in medical device security, healthcare IoT security, regulatory compliance (FDA, IEC 62304, IEC 81001-5-1), and the ability to coordinate with medical device OEMs for vulnerability management and patch deployment. The ideal candidate will have hands-on experience with medical device security platforms, understanding of clinical workflows, and proven track record of implementing cybersecurity controls in healthcare environments without disrupting patient care.?

Key Responsibilities

Medical Device Security Assessment:

Conduct comprehensive cybersecurity assessments of biomedical devices including patient monitoring systems, infusion pumps, ventilators, imaging equipment (MRI, CT, X-ray), surgical robots, implantable devices, laboratory equipment, and IoMT ecosystems to identify vulnerabilities and security risks.?

IoMT Security Architecture:

Design and implement secure Internet of Medical Things (IoMT) architectures including network segmentation for medical devices, microsegmentation strategies, secure device onboarding, identity-based access controls, and defense-in-depth security frameworks tailored to healthcare environments.?

Medical Device Security Platform Management:

Deploy, configure, and manage specialized medical device security platforms such as Claroty Healthcare, Medigate (Claroty), Cynerio, Asimily, Armis Healthcare, or similar IoMT security solutions for asset discovery, vulnerability management, threat detection, and continuous monitoring.?

Regulatory Compliance and Standards:

Ensure medical device cybersecurity implementations comply with healthcare regulations and standards including FDA Pre-Market Cybersecurity Guidance, IEC 62304, IEC 81001-5-1 (network security for medical devices), IEEE 2621, HIPAA Security Rule, HITECH Act, and NIST Cybersecurity Framework for Healthcare.?

OEM Coordination and Vendor Management:

Establish and maintain relationships with medical device Original Equipment Manufacturers (OEMs) including coordinating security advisories, obtaining vulnerability disclosures, validating security patches, managing end-of-life device risks, and ensuring OEM support for cybersecurity remediation.?

Medical Device Patch Management:

Develop and implement patch management programs specific to medical devices including risk-based prioritization, clinical impact assessment, testing in non-production environments, coordination with biomedical engineering teams, change control procedures, validation testing, and deployment scheduling to minimize patient care disruption.?

Risk Assessment and Clinical Safety:

Perform medical device-specific risk assessments balancing cybersecurity risks with patient safety considerations, clinical workflow impacts, and operational continuity using methodologies aligned with ISO 14971 (medical device risk management) and healthcare threat modeling.?

Network Segmentation for Medical Devices:

Implement network segmentation strategies for medical devices including VLAN isolation, microsegmentation, zone-based architectures, secure clinical networks, isolation of legacy devices, and enforcement of least-privilege access policies.?

Threat Detection and Monitoring:

Deploy and operate continuous monitoring solutions for medical device networks including anomaly detection, behavioral analysis, protocol monitoring, lateral movement detection, and integration with hospital SOC/SIEM platforms for real-time threat visibility.?

Vulnerability Management:

Establish comprehensive vulnerability management programs for medical devices including automated scanning (where safe), manual assessments, vulnerability prioritization using CVSS and clinical impact scoring, compensating controls for unpatchable devices, and remediation tracking.?

Client Consulting and Advisory:

Engage with multinational healthcare organizations, hospital networks, medical device manufacturers, and healthcare delivery organizations to assess biomedical cybersecurity posture, develop security strategies, and guide implementation of medical device security programs.?

Incident Response for Medical Devices:

Develop and execute incident response procedures specific to medical device security incidents including containment strategies that preserve patient safety, forensic investigation of compromised devices, coordination with clinical teams, regulatory reporting, and recovery procedures.?

FDA Pre-Market and Post-Market Cybersecurity Support:

Support medical device manufacturers with FDA cybersecurity requirements including pre-market submission documentation (510(k), PMA), Software Bill of Materials (SBOM), cybersecurity risk management, and post-market surveillance and monitoring.?

Clinical Workflow Integration:

Work closely with clinical engineering, biomedical engineering, IT, nursing, and clinical operations teams to integrate security controls while maintaining clinical workflows, patient care continuity, and device availability.?

Security Awareness and Training:

Deliver specialized training programs for biomedical engineering teams, clinical staff, IT personnel, and hospital leadership on medical device cybersecurity threats, secure clinical practices, incident reporting, and security awareness.?

Qualifications

Experience

5-6 years of hands-on experience in biomedical cybersecurity, medical device security, healthcare IT security, or IoMT security with proven track record of securing medical devices and healthcare environments for multinational healthcare organizations, hospital networks, or medical device manufacturers.?

Certifications

Required:

Healthcare Information Security and Privacy Practitioner (HCISPP) - ISC2 Certified Information Systems Security Professional (CISSP) or GIAC Security Essentials (GSEC) Healthcare IT certifications such as Certified Healthcare Technology Specialist (CHTS) or Healthcare IT Technician (HIT)

Preferred:

IEEE 2621 Medical Device Cybersecurity Certification Certified Biomedical Equipment Technician (CBET) or Certified Laboratory Equipment Specialist (CLES) GIAC Critical Infrastructure Protection (GCIP) ISA/IEC 62443 Cybersecurity Fundamentals Specialist Certified in Healthcare Privacy and Security (CHPS) Medical device security platform certifications (Claroty, Medigate, Cynerio, Asimily) FDA Cybersecurity for Medical Devices training or equivalent

Technical Skills

Deep expertise in medical device security including patient monitors, infusion pumps, imaging systems, ventilators, anesthesia machines, surgical equipment, laboratory analyzers, and implantable devices? Hands-on experience with medical device security platforms such as Claroty Healthcare (Medigate), Cynerio, Asimily, Armis Healthcare, or Palo Alto Networks IoT Security for Healthcare? Strong understanding of Internet of Medical Things (IoMT) security architecture, device discovery, asset inventory management, and continuous monitoring? Knowledge of medical device communication protocols including HL7, DICOM, FHIR, Bluetooth Medical, and proprietary device protocols? Experience with network segmentation and microsegmentation for healthcare environments including medical device isolation and zone-based security architectures? Proficiency in healthcare compliance requirements including HIPAA Security Rule, HITECH Act, FDA cybersecurity guidance, and international medical device regulations? Understanding of medical device regulatory frameworks including FDA 510(k) pre-market submissions, IEC 62304, IEC 81001-5-1, ISO 14971, and IEEE 2621? Experience coordinating with medical device OEMs for vulnerability disclosures, security patches, technical documentation, and security validation? Knowledge of healthcare IT infrastructure including Electronic Health Record (EHR) systems, PACS, clinical information systems, and medical device integration? Familiarity with vulnerability assessment tools suitable for medical device environments and non-disruptive security testing methodologies? Understanding of clinical workflows, patient safety considerations, and operational impacts when implementing security controls in healthcare settings? Experience with SIEM integration for healthcare environments and correlation of medical device security events? Knowledge of wireless medical device security including Wi-Fi, Bluetooth, cellular, and RF communication security? Understanding of legacy medical device challenges including unsupported operating systems, unpatched vulnerabilities, and compensating control strategies?

Education

Bachelor's degree in Biomedical Engineering, Electrical Engineering, Cybersecurity, Information Technology, Computer Science, or related technical field with specialization or coursework in medical devices, healthcare IT, or biomedical systems (or equivalent professional experience with relevant certifications and demonstrable medical device security expertise).

Soft Skills

Excellent communication skills to explain medical device security risks and technical concepts to clinical staff, biomedical engineers, hospital administrators, and non-technical healthcare stakeholders Strong coordination abilities to work effectively with medical device OEMs, clinical engineering teams, IT departments, and healthcare operations? Patient safety mindset understanding that security controls must never compromise patient care or clinical outcomes Analytical problem-solving skills to balance cybersecurity requirements with clinical operational needs and regulatory compliance? Collaborative approach to work across multidisciplinary healthcare teams including clinicians, nurses, biomedical engineers, IT professionals, and security teams? Cultural sensitivity when working in healthcare environments and understanding of clinical priorities and patient care workflows Project management capabilities to handle multiple hospital engagements and coordinate complex medical device security implementations

Additional Requirements

Deep understanding of healthcare delivery environments including hospitals, clinics, ambulatory surgery centers, diagnostic centers, and medical device manufacturing facilities Knowledge of healthcare-specific threat landscape including ransomware targeting hospitals, medical device vulnerabilities, supply chain risks, and nation-state threats to healthcare Experience with FDA cybersecurity requirements for medical device manufacturers including pre-market cybersecurity documentation and post-market surveillance? Understanding of clinical safety and patient risk considerations when implementing security controls or performing security assessments Familiarity with biomedical engineering practices, medical device maintenance procedures, and clinical technology management Experience working with multinational healthcare organizations across different geographical regions and understanding of international medical device regulations? Commitment to continuous learning and staying current with emerging medical device vulnerabilities, healthcare cyber threats, FDA guidance updates, and IoMT security technologies Willingness to work flexible hours including occasional after-hours maintenance windows to minimize impact on patient care operations Ability to travel to healthcare facilities, hospitals, medical device manufacturing sites, and client locations for assessments and implementations Background clearance suitable for working in healthcare environments with access to sensitive patient care areas

How to Apply

To apply for this position, email your resume to job2026@thefourthcommand.com

Subject Line Format:

FC_BIOMEDICAL_[YOUR FULL NAME]_RESUME

Resume Requirements

Your resume must include the following information:

Last Company Details:

Name of your most recent employer, duration of employment (in years/months), job title, and comprehensive description of biomedical cybersecurity responsibilities and healthcare projects delivered

Medical Device Security Experience:

Detailed hands-on experience including: Types of biomedical devices secured (patient monitors, infusion pumps, imaging systems, ventilators, surgical equipment, etc.) Healthcare environments worked in (hospitals, clinics, medical device manufacturers, healthcare networks) Specific security projects (assessments, implementations, monitoring, incident response) Clinical departments and specialties supported (ICU, OR, radiology, laboratory, cardiology, etc.) Scale of deployments (number of devices, facilities, beds)

Medical Device Security Platforms:

Hands-on experience with specialized platforms including: Claroty Healthcare (Medigate) Cynerio Asimily Armis Healthcare Palo Alto Networks IoT Security for Healthcare Other IoMT security or asset management platforms Deployment, configuration, and operational experience with each platform

OEM Coordination Experience:

Details of your work with medical device manufacturers including: OEM partnerships established (Philips, GE Healthcare, Siemens Healthineers, Medtronic, BD, Baxter, etc.) Security coordination activities performed Vulnerability management and patch coordination processes Technical documentation and security validation obtained from OEMs

Patch Management Projects:

Specific examples of medical device patch management initiatives including: Devices and systems patched Clinical risk assessment and mitigation strategies Testing and validation procedures Coordination with biomedical engineering and clinical teams Downtime management and patient care continuity measures

Client and Healthcare Experience:

Details of multinational healthcare organizations and clients including: Healthcare delivery organizations (hospital networks, health systems, clinics) Medical device manufacturers or healthcare technology vendors Geographical regions and countries served Types of healthcare facilities (tertiary care, specialty hospitals, ambulatory, etc.) Project scope, complexity, and outcomes

Regulatory Compliance Experience:

Familiarity with healthcare regulations and medical device standards including: FDA cybersecurity guidance and submissions IEC 62304, IEC 81001-5-1, IEEE 2621 HIPAA Security Rule implementation ISO 14971 risk management Regional healthcare regulations (UAE ADHICS, EU MDR, etc.)

Certifications:

Complete list of biomedical cybersecurity certifications including: Certification name (HCISPP, CISSP, CHTS, IEEE 2621, CBET, etc.) Issuing organization Year obtained and validity status Certification ID or credential number

Technical Skills:

Comprehensive list of: Medical device types and manufacturers you have secured Healthcare IT systems and clinical integration experience Network segmentation and security architectures implemented Vulnerability assessment tools and methodologies used SIEM and monitoring platforms configured for healthcare

Educational Background:

Degree details including specialization (biomedical engineering, electrical engineering, healthcare IT, cybersecurity), institution, and year of completion

Clinical Environment Experience:

Description of your experience working in healthcare settings, understanding of clinical workflows, and collaboration with clinical teams

Passport Size Photograph:

A recent passport size photograph must be included on your resume (mandatory requirement)
Incomplete applications or resumes missing any of the above requirements will not be considered for evaluation.

Job Type: Full-time

Pay: ₹300,000.00 - ₹800,000.00 per year

Work Location: In person