FDA Cybersecurity Consultant

About Us

At SafeBeat Rx (YC S21), we are building ECG software that literally saves lives and replaces a hospitalization. Our take-home kit allows patients to start heart meds safely at home, by combining FDA-cleared wearables with our ECG software that catches heart rhythm changes before they become heart attacks. Because we only focus on the software, our FDA and go-to-market pathways are much faster than other biotech/medtech companies. If you want to have a direct impact on millions of patients with heart problems, we'd love to connect. You would be working closely with the founders - two physician-engineers from Stanford/Harvard with a passion for medical innovation.

Read more at our bookface launch: https://bookface.ycombinator.com/posts/55104

‍

About the Role

At SafeBeat Rx, you will play a vital role in ensuring our Software as a Medical Device (SaMD) cybersecurity as we prepare for our FDA 510(k) submission. Your expertise will help safeguard patient safety, data integrity, and confidentiality, ultimately contributing to our mission of transforming cardiac care through innovative technology. This is an exciting opportunity to be part of a cutting-edge healthcare technology startup and work closely with our passionate founders. We’re looking for a cybersecurity consultant who can work part-time, hands-on.

‍

Responsibilities

• Lead Cybersecurity Development: Oversee the creation of the cybersecurity section of the 510(k) submission, ensuring full compliance with FDA cybersecurity guidance for medical devices.
• Cross-functional collaboration: Collaborate with engineering, regulatory, and quality teams to identify and assess cybersecurity risks related to our software.
• Risk Management Planning: Develop and document a comprehensive cybersecurity risk management plan, including threat modeling, risk assessments, and vulnerability analyses.
• Implementation of Security Measures: Guide the implementation of security measures that protect data integrity, confidentiality, and availability, ensuring alignment with regulatory standards (e.g., FDA premarket cybersecurity guidance).
• Security Testing: Conduct security testing, including penetration testing and vulnerability assessments, to identify potential weaknesses in the software.
• Documentation Management: Document cybersecurity controls and provide evidence of mitigations, ensuring traceability between risks and implemented measures.
• Submission Preparation: Prepare and review all cybersecurity documentation required for the 510(k) submission, including cybersecurity risk management reports and incident response plans.
• Stay Informed: Remain up-to-date on emerging cybersecurity threats and regulatory requirements affecting SaMD.

‍

Qualifications

• Proven Experience: Extensive experience with cybersecurity in the medical device or healthcare software field, specifically related to FDA submissions.
• Knowledge of FDA Guidance: In-depth understanding of FDA cybersecurity guidance for medical devices (e.g., FDA's "Content of Premarket Submissions for Management of Cybersecurity in Medical Devices").
• Risk Assessment Skills: Experience conducting risk assessments, threat modeling, and vulnerability testing for medical devices or healthcare software.
• Familiarity with Standards: Knowledge of security standards such as NIST Cybersecurity Framework, IEC 62443, and ISO/IEC 27001.
• Technical Proficiency: Strong understanding of encryption, secure software development lifecycle (SDLC), and access control mechanisms.
• Communication Skills: Excellent communication abilities to work effectively with cross-functional teams in integrating cybersecurity measures into product development.

‍

Preferred Experience

• Background in cybersecurity within regulated environments (e.g., FDA, HIPAA, MDR).
• Experience with cloud-based SaMD cybersecurity and network security.
• Certification in cybersecurity (e.g., CISSP, CISM, CEH) is a plus.

‍

Technology

Our codebase is in Python, React Native, and Django. Our ML models will be built in Tensorflow. Our software automates ECG measurements, recommends drug dosing, and catches rhythm changes before they become heart attacks. Doctors approve our algorithm’s measurements and dosing at every step for safety. Our interface aims for simplicity, based on what we wanted ourselves while treating patients.

‍

How to Apply

Note: This is a syndicated job post, meaning it was not posted to Fractional Jobs directly, so we don't have control over the application process. To apply, click on the "View Application" and follow the application's instructions.