Cybersecurity Specialist

Title 21 Vacancy Announcement

 

Department of Health and Human Services (HHS)

Food and Drug Administration (FDA)

Center for Devices and Radiological Health (CDRH)

Office of Strategic Partnerships and Technology Innovation (OST)

Division of All Hazards Response, Science and Strategic Partnerships (DARSS) __________________________________________________________________

Series: The position of may be filled by candidates from the following occupational series: Regulatory Counsel (301), General Engineer (0801), Computer Engineer (0854), Mathematics (1520), Mathematical Statistician (1529), Statistician (1530), and Computer Science (1550)

Location(s):  Silver Spring, Maryland, FDA headquarters, White Oak Campus

Travel Requirements: This position may require up to 25% travel.

Application Period:  Friday, September 24, 2021, through Friday, October 22, 2021

Salary: Salary starts at $122,530.00 and is commensurate with education and experience

Conditions of Employment: United States Citizenship is required.

Special Notes: This position is being filled under an excepted hiring authority, Title 21, Section 3072 of the 21st Century Cures Act. The candidate selected for this position will serve under a career or career-conditional appointment and be paid under the provisions of the authority. Additional information on 21st Century Cures Act can be found here.

Introduction:

The Food and Drug Administration (FDA or Agency) is the regulatory, scientific, public health and consumer protection agency responsible for ensuring all human and animal drugs, medical devices, cosmetics, foods, food additives, drugs and medicated feeds for food producing animals, tobacco and radiation emitting devices safe, and effective.

     The mission of the Center for Devices and Radiological Health (CDRH or Center) is to protect and promote the public health by performing essential public health tasks by ensuring  that medical devices and radiation emitting products are safe and effective for people in the United States.  Within CDRH, the Office of Strategic Partnerships and Technology Innovation (OST or Office) provides leadership for all scientific collaborative and emerging technology related activities at CDRH.  Its Division of All Hazards Response, Science and Strategic Partnerships (DARSS) (DARSS)  is organization which  leads  all scientific collaboration efforts and emerging technology related activities at the Center.

Position Summary:

As an experienced Cybersecurity specialist at CDRH,  you will join a dedicated and cohesive multidisciplinary team where you will have the opportunity to share your medical device security and safety expertise and build upon your scientific, technical, and regulatory knowledge by working with renowned cyber security, information security, threat prevention, and medical countermeasure experts. Your work will be essential in assisting the Office in ensuring the appropriate security of medical devices.  In this role, you will report to Assistant Director of the All Hazards Readiness, Response, and Cybersecurity Team (ARC or Team) and be challenged with assisting the Team, Division, and Office to develop cybersecurity policies and procedures that will allow for the safety and security of medical devices. 

Duties/Responsibilities:

As a Cybersecurity Specialist you will perform the following duties:

• With an intense focus on medical device safety, reliability, and protecting patient health information, you will utilize your vast cybersecurity expertise to provide policy input on regulatory submissions from industry, across the total product lifecycle of networked, non-worked, and mobile medical devices to assess and evaluate potential threats and vulnerabilities, which could negatively impact the health of patients.

• Provide expert guidance and share recommendations, with Team, Division, and Office leadership on medical device cybersecurity protocols, processes, needs, and solutions. 

• Engage and educate Office colleagues and leadership on data as an integral enterprise asset within the current ecosystem and the importance of proper data governance, security, management, and stewardship to guard against threats.
• Collaborate with intra-Office cross-functional teams to develop health technology security standards, policies, and procedures related to regulatory review of medical devices and diagnostic equipment to minimize potential cybersecurity threats and to address vulnerabilities of networked, network capable, and mobile medical devices medical devices.
• Serve as a scientific and technical cybersecurity consultant to Division and Office leadership, as well as industry, advisory panels, patient advisory organizations, and the health care community on trends, significant concerns, and reported adverse event regarding the identification of threats and vulnerabilities of medical devices and diagnostic equipment.
• Proactively identify and share technology trends and emerging science that may influence and reshape cybersecurity decisions, recommended practices and technologies, medical device development and manufacturing, the medical device review process, and policy.
• Conduct detailed assessments of product security analysis submissions involving medical device software, hardware, technologies involving radio-frequency identification (RFID), wired and mobile technology, and safety measures such as encryption and client/patient authentication.
• As a subject matter expert, collaborate with Division and Office leadership to update or develop new regulations, processes, and protocols to address new regulatory pathways in the review of novel medical devices and diagnostic equipment with emerging technologies.    
• Utilize cybersecurity expertise to critically assess medical device vulnerabilities and develop and implement optimal replicable strategies and solutions, using current and proven techniques and technologies to resolve these concerns.
• Collaborate in the development of new strategies to address current and future cybersecurity concerns with Office colleagues across functional areas, industry, device manufacturers, healthcare providers, patients, staff, and other stakeholders in the medical device and cybersecurity communities.
• Represent ARC at Division, Office, Center, working group, industry, patient advocacy, and scientific and professional meetings, where you will share your expertise regarding cybersecurity, medical device compromise, and threat mitigation.
• Identify emerging technologies that could be used to improve medical device safety, reliability, and security to mitigate actual and/or potential cybersecurity threats and vulnerabilities.

 

Professional Experience/Key Requirements:

To qualify for this position, you must possess technical experience including:

• Broad knowledge of medical devices, IT and cybersecurity infrastructure experience, and practical experience in applying techniques to mitigate security risks.
• Knowledge and experience of security protection principles related to personal identifiable information, such as electronic health records, human research subject data from clinical trials, and clinical systems.
• Ability to skillfully and effectively interpret and present complex scientific and technical cybersecurity information and concepts, in both written and oral formats, to diverse audiences.
• Ability to contribute and work effectively in a team environment

Desirable Education:

Applicants with degrees in cybersecurity, computer science, computer engineering, engineering, mathematics or related fields are highly desired.  Additionally, certifications from CompTIA, CEH, CBET, or SANS are preferred.

Basic Qualifications:

Candidates must possess the required individual occupational requirements to qualify for the appropriate series applicable to the position. Please use the following link to determine the series for which you qualify: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=List-by-Occupational-Series

Conditions of Employment:

• One-year probationary period may be required.
• Background and/or Security investigation required.
• U.S. citizenship is required.
• All applicants born male, on (or after) 12/31/1959, must be registered with the Selective Service System OR have an approved exemption. Visit www.SSS.gov for more info.
• This position is subject to strict prohibited financial interest regulations which could restrict the type of financial interest (stock holdings) for the employee, the spouse, and minor children of the employee.  For additional information on the prohibited financial interests, please visit the FDA Ethics and Integrity Office website at https://www.fda.gov/about-fda/jobs-and-training-fda/ethics.

How to Apply: Submit an electronic resume or curriculum vitae, cover letter containing a brief summary of scientific accomplishments, SF-50 (if applicable), and a copy of unofficial transcripts all in one document (Adobe PDF) to CDRHRecruitment@fda.hhs.gov, with Job Reference code “2021-OST-LKI-03” in the subject line. Applications will be accepted through October 22, 2021.

Equal Employment Opportunity Policy

The United States Government does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.

• Equal Employment Opportunity (EEO) for federal employees & job applicants

Reasonable Accommodation Policy

Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate. Applicants requiring reasonable accommodation for any part of the application process should follow the instructions in the job opportunity announcement. For any part of the remaining hiring process, applicants should contact the hiring agency directly. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.

A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, perform job duties or receive equal access to job benefits.

Under the Rehabilitation Act of 1973, federal agencies must provide reasonable accommodations when:

• An applicant with a disability needs an accommodation to have an equal opportunity to apply for a job.
• An employee with a disability needs an accommodation to perform the essential job duties or to gain access to the workplace.
• An employee with a disability needs an accommodation to receive equal access to benefits, such as details, training, and office-sponsored events.

You can request a reasonable accommodation at any time during the application or hiring process or while on the job. Requests are considered on a case-by-case basis.

Learn more about disability employment and reasonable accommodations or how to contact an agency.

The Department of Health and Human Services is an equal opportunity employer with a smoke free environment.

FDA is an equal opportunity employer.