LCAT Cyber Security Engineer, Senior
Location 1100 1st Street, Washington, DC
Role Biomedical Cybersecurity Engineer (PIDs 1724-1725)
Support the Department of Veterans Affairs (VA) Electronic Health Record Modernization (EHRM) program and serve as a Biomedical Cybersecurity Engineer to support Cybersecurity and interagency issues.
Streamline the EHRM rollout, specifically MedMod system connectivity to ensure all timelines and deployments are met on or ahead of schedule. To accomplish the additional resources are required for the following tasks:
• Gather ERA artifacts and coordinate with SDSD for ATO and ATC Submission. Provide education to future VISNs on the updated ERA requirements.
• Development and training on a Cybertracker for clear communication on status of MedMOD Systems. Inform gap analysis for future VISNs to planning mitigation activities (upgrades, licenses, configurations requirements)
• Provide live, automated cyber updates to Leadership for ATCs, CRs, and connectivity dates through clear dashboards.
• Assist in PPSM development.
• Assist auditing and reviewing MedMod 6A/6B inventories. Creation of POAMs statements as needed.
• Assist with Firewall ruleset development. Development of standard templates across deployment sites.
• Assist onsite support for inventory analysis as needed.
• Assist in the development of enterprise standard configuration guides to meet cyber best practices (i.e Welch Allyn, SkyVue, CCE Admin Tool, etc.)
• Assist in SharePoint management.
• Work with VHA HTM members who are coordinating with existing VA OEHRM GMO Biomedical leadership and help review and validate the documentation regarding the designs for medical systems, to include devices, to facilitate VA timelines and existing systems.
• Serve as senior policy and engineering lead on medical device isolation and other biomedical device security concerns. Able to understand current DoD and VA cybersecurity guidance as it relates to Healthcare Technology. Able to understand the use of VLANs and use of logical separation of devices based on risk characterization.
• Provide leadership on implementation of Risk Management Framework based on in-depth knowledge of VA processes, procedures, and policy. Specifically, as it relates to the inclusion of FDA and other Medical device rules into managing a joint infrastructure.
• Work with JCOIC members who are coordinating with existing VA OEHRM GMO Biomedical leadership and help mitigate any risks based on VA cybersecurity designs.
• Reviewing and validation of the documentation regarding the designs for medical systems, to include devices, to facilitate VA timelines and existing
• Knowledge of current Healthcare standards (e.g. HL7 FHIR, CCDA) to
• facilitate information exchange, as well as Interoperability coordination between VA and its community care providers over a Health Information Exchange.
• Provide technical strategies and guidance for implementation of the Risk Management Framework to support VA Authority to Operate/Authority to Connect activities.
• Provide evaluations in the form of technical guidance, white papers, and strategy briefs on Cyber Security Tools, network topologies.
• Minimum of 10 years of experience. An additional 10 years of experience may be substituted for degree requirements.
• Extensive IT experience in all aspects of Cyber Security with a vast array of IT systems involving end user as well as enterprise level networks.
• Experience in designing and implementing systems that meet agency Cyber Security policy and regulations.
• Extensive experience in Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks.
• Master's Degree in computer science, electronics engineering or other engineering or technical discipline.
• Strong Oral and written communication skills
• Familiarity with EHR Systems
• Experience with eMass
• Experience with BioMedical Devices
• Understanding of Medical Device security
• Experience in the VA
• Experience implementing Electronic Health Records