Skip to main content

Program Manager, Medical IT Risk

Requisition R030399 Market Home Office Bond Hill Department SS I&T - Info Security Shift Days Schedule Full-time

Thank you for considering a career at Bon Secours Mercy Health!

Develops and administers information security risk-management program for broad range of critical networked medical devices. Understands workflows in acute and ambulatory care delivery areas: nursing; laboratory; cardiology; radiology; pharmacy; ICU, ED, surgery, respiratory, and homecare. Assesses impact of security capabilities with oversight for risk properties of patient safety, care effectiveness and data security.


  • Oversee the execution of the Medical Device Risk Management Process and Risk Assessment process when incorporating medical devices onto the Medical IT-Network.
  • Informs key Medical Device stakeholders (e.g., Clinical Engineering, Supply Chain, medical device manufacturers, risk management personnel, other suppliers of IT software, services, or infrastructure, facilities management, clinical users, and technical support.)
  • Responsible for coordinating with the Clinical Engineering team and Information Services team to track and remediate medical device information security risk, updates to the Computerized Maintenance Management System (CMMS), and identify medical devices that require risk assessments.
  • Ensure that software and hardware risk control measures within medical devices are successfully implemented.
  • Maintain documentation obtained from Medical Device Manufacturers (e.g., MDS2 forms, technical documentation, configuration documentation, etc.), providers of other information technology, and other risk management related documentation (e.g., Security Assessment Results, Security Risk Acceptance Decisions, etc.) in the Medical IT-Network Risk Management File.
  • Stay up-to-date with relevant federal (FDA), international (ISO-80001), national, and state regulations and industry guidance around medical IT-networks and medical devices.
  • Presentation and communication skills; interacting with leadership team
  • Complex project management and data management skills
  • Building consensus among security and operational teams with differing priorities
  • Excellent documentation skills, attention-to-detail
  • The ability to weigh and prioritize business risks, the ability to enforce appropriate information security measures with a high degree of integrity and trust, capable of working independently
  • Solid technical skills (application and operation system hardening, risk assessments, security audits, transmission control protocol/internet protocol (TCP/IP), intrusion detection systems, firewalls, etc.)


  • Required Education: Bachelor's Degree in Biomedical/Clinical Engineering or related field. Master's degree preferred.
  • Required Certification: Senior security engineering or security auditing certification with ISC2 (CISSP), ISACA or SANS and/or certification in Clinical Engineering technology from ACCE or AAMI.
  • Minimum Years of Experience: 5 years experience in healthcare delivery in biomed/clinical engineering management role
  • 5 years of information security engineering or auditing experience.

  • 5 years of information security engineering or auditing experience.

Bon Secours Mercy Healthis an equal opportunity employer.

We’ll also reward your hard work with:

  • Comprehensive, affordable medical, dental and vision plans
  • Prescription drug coverage
  • Flexible spending accounts
  • Life insurance w/AD&D
  • An employer-matched 403(b) for those who qualify
  • Paid time off
  • Educational Assistance
  • And much more

Scheduled Weekly Hours:


Work Shift:



SS I&T - Info Security

All applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, age, genetic information, or protected veteran status, and will not be discriminated against on the basis of disability. If you’d like to view a copy of the affirmative action plan or policy statement for Mercy Health – Youngstown, Ohio or Bon Secours – Ashland, Kentucky, which are Affirmative Action and Equal Opportunity Employers, please email If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact The Talent Acquisition Team at

Apply Now
Luis F., RN

I wanted to get into a career where I’m happy to go to work.

Luis F. RN
Check Out This Location Loctaion icon View Map
Back to top