Sr. Manager, Medical Device Cyber Security
About The Position
Passionate about precision medicine and advancing the healthcare industry? Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time. The Role As the Medical Device Cybersecurity Senior Manager, you will own the medical device cyber security program at Tempus AI. You will act as the crucial bridge between enterprise-wide security strategy and product-level medical device technical execution. You will partner closely with R&D, Product Management, Regulatory Affairs, and Quality to integrate security into the device lifecycle ("shift-left"), ensure adherence to FDA cybersecurity guidelines, and enabling Pre-Market submissions as well as Post-Market surveillance of Tempus Medical Devices.
Requirements
- 7+ years of technical experience in information security in the tech or healthcare industry.
- Deep understanding of FDA Cybersecurity Guidance (Pre-market and Post-market), ISO 14971, and ISO 13485
- Proficiency in threat modeling methodologies (STRIDE, PASTA) and secure architecture design.
- Ability to manage several programs at once and work proactively to align multi-disciplinary stakeholders.
- Excellent written and verbal communication skills, including the ability to act as translator among diverse teams of biologists, medical professionals, engineers, operators, and data scientists.
Nice To Haves
- Industry-recognized certifications such as CISSP, HCISPP, CISM, or relevant SANS certifications are preferred.
Responsibilities
- Develop, implement, and continuously mature the Medical Device Cybersecurity roadmap, policies, and Standard Operating Procedures (SOPs), aligning them with the overarching enterprise data security strategy.
- Partner with R&D and engineering teams to embed secure-by-design principles and Secure Software Development Life Cycle (SSDLC) practices into medical device development.
- Define and manage the strategy for Software Bill of Materials (SBOM) generation and maintenance across all device product lines.
- Coordinate with Cloud Security, Application Security, and Vulnerability Management Information Security teams to integrate their services into Tempus Medical Devices.
- Ensure device design and lifecycle management align with FDA pre-market and post-market cybersecurity guidelines.
- Author, review, and maintain cybersecurity documentation required for regulatory submissions (e.g., 510(k), De Novo, PMA).
- Coordinate with the Quality Management team to integrate cybersecurity into the enterprise Quality Management System (QMS).
- Mentor, and develop the Medical Device Cybersecurity Analyst(s), guiding their daily tactical execution, vulnerability assessments, and professional growth.
- Serve as the primary Subject Matter Expert (SME) for Medical Device Cybersecurity across the organization and provide education to cross-functional teams on the program.
- Oversee the continuous monitoring, vulnerability scanning, and patching strategies for deployed medical devices.
- Manage engagements with penetration testing conducting assessments on Tempus hardware and embedded systems
Benefits
- incentive compensation
- restricted stock units
- medical and other benefits depending on the position
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
