Patch Management Analyst

Employer
SpecPro Technical Services (STS) Group
Location
Frederick, MD
Posted
Apr 20, 2017
Closes
Apr 21, 2017
Function
Analyst, Management
Industry
Healthcare
Hours
Full Time
Patch Management Analyst shall assist the entire CE Team in developing standardized medical device patch management processes by performing the following: Monitors DoD, DHA, and AF notifications for required medical device software updates and patches. Develops and implement a comprehensive database to track medical device compliance for all required security updates and patches. Serves as liaison between CE Teams and medical device manufactures during the manufacture security update and patch validation process. Uses Automated Security Clearance Approval Systems (ACAS)/other DoD security scanning software and coordinates with network operations centers to obtain required security scans of assigned medical devices. Ensures medical device manufacturer validated patches are installed on the associate medical devices. This may be via coordination with manufactures under a support agreement, through an automated patch server, or manual installation. Reviews medical device scan and patch compliance with the MDIS PMO and coordinates updates to IA certification documentation. Manages, maintains, and coordinates the use of software applications and tools that provide automated patching solutions to medical devices used in AF MTFs. Conducts research, evaluates, and provides recommendations to CE Leadership on acquisition and deployment strategies for automated patching solutions that could be used to increase medical device security patch compliance. Bachelor of Science in Computer Science or five (5) years, within the last 7 years, commensurate experience in developing C&A artifacts/documentation, IA/Cybersecurity, or systems/network engineering. Minimum of three (3) years of experience in patch management for medical devices, to include general knowledge of automated patching tools such as Dell KACE, Microsoft System Center Configuration Manager (SCCM), or equivalent patch management software applications. In addition, the contractor shall have two (2) years' experience with the ACAS or other security scanning software. Contractor personnel shall have a working knowledge of how medical devices/systems work and interface with other medical devices and medical Automated Information Systems (AISs). Contractor personnel shall fully understand security requirements as it relates to all types of C&A (RMF, DIACAP, PIT, etc.). Contractor personnel shall also have a basic understanding of the relationship between commercial-off-the-shelf medical devices, the Food and Drug Administration regulatory requirements, medical device lifecycle management, and the AF Medical Service's (AFMS) use of these devices. Contractor personnel shall be a CISSP or CISM and maintain the certification in good standing in accordance with (IAW) DoD 8570.01-M Active Secret Clearance Required Company Description: -sol.com/