Leading and supporting the implementation of medical device cybersecurity strategies!
Sodexo is seeking a BMET Cybersecurity Specialist to oversee and execute critical technical components of our healthcare cybersecurity program. This role leads the implementation of cybersecurity controls, performs risk assessments, and collaborates closely with hospital IT and InfoSec teams to ensure the security and availability of medical devices. The ideal candidate will bring strong technical leadership, a proactive approach to threat mitigation, and a deep understanding of healthcare regulatory requirements.
Lead the collection of critical cybersecurity data elements (CDEs) and manufacturer documentation in CMMS, and conduct risk assessments based on those findings.
Oversee configuration of medical devices to align with cybersecurity standards and manufacturer guidelines.
Manage planned and unplanned vulnerability remediation efforts, including response to zero-day threats and coordination with device manufacturers.
Collaborate with hospital IT teams to test and validate network segmentation rules and support IT projects that impact medical devices.
Investigate cybersecurity alerts on medical devices, analyze high-risk vulnerabilities, and develop response recommendations.
Track and report on vulnerability remediation activities while identifying opportunities to improve cybersecurity practices across HTM and IT.
Support HTM cybersecurity education, coach BMETs on best practices, and represent Sodexo in industry cybersecurity forums.
Provide guidance during hospital and enterprise audits, including HIPAA and Joint Commission reviews, ensuring alignment with cybersecurity requirements.
Compensation is fair and equitable, partially determined by a candidate's education level or years of relevant experience. Salary offers are based on a candidate's specific criteria, like experience, skills, education, and training. Sodexo offers a comprehensive benefits package that may include:
More extensive information is provided to new employees upon hire.
Bachelor’s degree in information technology, Biomedical Engineering, Cybersecurity, or a related field (or equivalent experience).
Experience in medical device cybersecurity or a healthcare technology environment.
Strong knowledge of CMMS platforms, cybersecurity frameworks (e.g., NIST, ISO), and FDA/Joint Commission regulations.
Experience collaborating with clinical engineering, IT, and InfoSec teams.
Proven ability to lead technical projects and drive cross-functional alignment.
Relevant certifications (e.g., CISSP, HCISPP, CEH, or Security+) preferred.
At Sodexo, our purpose is to create a better everyday for everyone and build a better life for all. We believe in improving the quality of life for those we serve and contributing to the economic, social, and environmental progress in the communities where we operate. Sodexo partners with clients to provide a truly memorable experience for both customers and employees alike. We do this by providing food service, catering, facilities management, and other integrated solutions worldwide.
Our company values you for you; you will be treated fairly and with respect, and you can be yourself. You will have your ideas count and your opinions heard because we can be a stronger team when you’re happy at work. This is why we embrace diversity and inclusion as core values, fostering an environment where all employees are valued and respected. We are committed to providing equal employment opportunities to individuals regardless of race, color, religion, national origin, age, sex, gender identity, pregnancy, disability, sexual orientation, military status, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. If you need assistance with the application process, please complete this form.
Minimum Education Requirement: Bachelor’s degree or equivalent experience
Minimum Functional Experience: 3 years