Tata Consultancy Services

Medical Device Cybersecurity Risk Specialist

Tata Consultancy Services$110K — $120K *
Healthcare
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Strong understanding of information security risk management frameworks such as NIST CSF and ISO 27001.
  • Hands-on experience conducting cybersecurity risk assessments and threat modeling.
  • Knowledge of medical device cybersecurity and patient safety considerations.
  • Familiar with healthcare application ecosystems and EHR system interactions.
  • Experience reviewing penetration testing findings for practical mitigation options.
  • Ability to manage risk registers and treatment plans using GRC tools.

Responsibilities

  • Develop and improve the cybersecurity risk management program.
  • Perform qualitative and quantitative risk assessments for diverse systems and vendors.
  • Analyze cybersecurity vulnerabilities and technical risks in medical devices.
  • Partner with teams to track approved risk mitigation strategies.
  • Maintain risk registers, treatment plans, and dashboards.
  • Support implementation of security controls and risk management in projects.
  • Produce recurring risk reports and promote a risk-aware culture.

Benefits

  • Discretionary Annual Incentive.
  • Comprehensive Medical Coverage including dental and vision.
  • Maternal and Parental Leaves.
  • Commuter Benefits and Certification Reimbursement.
  • Vacation, Sick Leave, and Holidays.
  • 401K Plan and Student Loan Refinancing assistance.
Full Job Description
Must Have Technical/Functional Skills
• Strong understanding of information security risk management frameworks such as NIST CSF, ISO 27001 / 27005, FAIR, and COSO.
• Hands-on experience in conducting cybersecurity risk assessments, threat modeling, and evaluating risks across systems, vendors, projects, and business processes.
• Solid knowledge of medical device cybersecurity, including vulnerability analysis, security risk mitigation, and patient safety considerations.
• Familiarity with medical device integration, healthcare application ecosystems, and interactions with EHR systems and third-party healthcare vendor applications.
• Understanding of common cybersecurity controls including network security, endpoint protection, identity and access management, encryption, logging/monitoring, and secure system configuration.
• Experience reviewing penetration testing findings, identifying practical mitigation options, and validating remediation approaches in partnership with vendors or technical teams.
• Ability to maintain and manage risk registers, risk treatment plans, dashboards, and remediation tracking mechanisms using GRC platforms or structured spreadsheet-based tools.
• Working knowledge of cloud security, security operations, and cybersecurity input into SDLC, infrastructure changes, and new service introductions.
• Familiarity with regulatory and compliance expectations relevant to healthcare and medical devices, including cybersecurity documentation and risk-based decision-making.
• Exposure to Agile / Scrum methodologies and cross-functional project execution is highly desirable.
• Ability to research emerging threats, assess business relevance, and proactively recommend risk reduction actions.

Roles & Responsibilities
• Develop, maintain, and continuously improve the organizations cybersecurity risk management program, with emphasis on practical and sustainable risk reduction.
• Perform qualitative and quantitative risk assessments for systems, projects, vendors, healthcare technologies, and business processes.
• Analyze medical device cybersecurity vulnerabilities, penetration testing findings, and technical risks to determine impact, likelihood, and patient/business impact.
• Partner with internal teams, vendors, and business owners to identify, validate, and track approved mitigation strategies and alternative risk treatment options where needed.
• Maintain accurate and up-to-date risk registers, risk treatment plans, issue logs, and risk dashboards.
• Support the selection, implementation, and validation of technical, administrative, and procedural security controls.
• Provide cybersecurity and risk management input into projects, cloud initiatives, system integrations, device onboarding, and service changes.
• Coordinate and support t hird-party/vendor risk assessments, follow-up actions, and remediation closure tracking.
• Translate technical cybersecurity issues into clear business impact statements and communicate them effectively to leadership and non-technical stakeholders.
• Produce recurring risk posture reports, trends, metrics, and remediation summaries for management and governance forums.
• Support incident response activities and perform post-incident risk analysis to identify lessons learned and strengthen controls.
• Promote a strong security and risk-aware culture by engaging with stakeholders, educating teams, and encouraging proactive risk identification.
• Collaborate effectively across cybersecurity, engineering, quality, clinical/biomedical, IT, and vendor teams to ensure balanced decision-making that protects both operations and patient safety.
• Stay current on evolving cybersecurity threats, healthcare technology risks, and relevant compliance expectations.

Salary Range: $110,000- $120,000 a year

TCS Employee Benefits Summary:

Discretionary Annual Incentive.

Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.

Family Support: Maternal & Parental Leaves.

Insurance Options: Auto & Home Insurance, Identity Theft Protection.

Convenience & Professional Growth: Commuter Benefits & Certification & amp; Training Reimbursement.

Time Off: Vacation, Time Off, Sick Leave & Holidays.

Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

#LI-SP1

About Tata Consultancy Services

Tata Consultancy Services (TCS) is an Indian multinational information technology (IT) services and consulting company, headquartered in Mumbai, Maharashtra, India. It is a subsidiary of Tata Group and operates in 149 locations across 46 countries. TCS is the largest Indian company by market capitalization and is ranked 11th on the Forbes Global 2000 list of the world's biggest public companies. TCS is also the second-largest IT services company in the world by revenue and the largest employer of women in India. The company provides services in areas including IT, consulting, and business solutions.
Learn more about Tata Consultancy Services
Size
469,261 employees
Industry

Similar Jobs

More Jobs at Tata Consultancy Services

More Healthcare Jobs

Find similar Medical Device Cybersecurity Risk Specialist jobs: