The RoleAs the Medical Device Cybersecurity Senior Manager, you will own the medical device cyber security program at Tempus AI. You will act as the crucial bridge between enterprise-wide security strategy and product-level medical device technical execution. You will partner closely with R&D, Product Management, Regulatory Affairs, and Quality to integrate security into the device lifecycle ("shift-left"), ensure adherence to FDA cybersecurity guidelines, and enabling Pre-Market submissions as well as Post-Market surveillance of Tempus Medical Devices.
What You'll Do- Program Management & Strategy Execution:
- Develop, implement, and continuously mature the Medical Device Cybersecurity roadmap, policies, and Standard Operating Procedures (SOPs), aligning them with the overarching enterprise data security strategy.
- Product Security & Engineering Partnership:
- Partner with R&D and engineering teams to embed secure-by-design principles and Secure Software Development Life Cycle (SSDLC) practices into medical device development.
- Define and manage the strategy for Software Bill of Materials (SBOM) generation and maintenance across all device product lines.
- Coordinate with Cloud Security, Application Security, and Vulnerability Management Information Security teams to integrate their services into Tempus Medical Devices.
- Regulatory Compliance & Quality Assurance:
- Ensure device design and lifecycle management align with FDA pre-market and post-market cybersecurity guidelines.
- Author, review, and maintain cybersecurity documentation required for regulatory submissions (e.g., 510(k), De Novo, PMA).
- Coordinate with the Quality Management team to integrate cybersecurity into the enterprise Quality Management System (QMS).
- Leadership & Mentorship:
- Mentor, and develop the Medical Device Cybersecurity Analyst(s), guiding their daily tactical execution, vulnerability assessments, and professional growth.
- Serve as the primary Subject Matter Expert (SME) for Medical Device Cybersecurity across the organization and provide education to cross-functional teams on the program.
- Threat & Vulnerability Management:
- Oversee the continuous monitoring, vulnerability scanning, and patching strategies for deployed medical devices.
- Manage engagements with penetration testing conducting assessments on Tempus hardware and embedded systems
Qualifications- 7+ years of technical experience in information security in the tech or healthcare industry.
- Deep understanding of FDA Cybersecurity Guidance (Pre-market and Post-market), ISO 14971, and ISO 13485
- Proficiency in threat modeling methodologies (STRIDE, PASTA) and secure architecture design.
- Industry-recognized certifications such as CISSP, HCISPP, CISM, or relevant SANS certifications are preferred.
- Ability to manage several programs at once and work proactively to align multi-disciplinary stakeholders.
- Excellent written and verbal communication skills, including the ability to act as translator among diverse teams of biologists, medical professionals, engineers, operators, and data scientists.
#LI-HR1
#LI-Hybrid
CHI: $185,000-$215,000
The expected salary range above is applicable if the role is performed from Illinois and may vary for other locations (California, Colorado, New York). Actual salary may vary based on qualifications and experience. Tempus offers a full range of benefits, which may include incentive compensation, restricted stock units, medical and other benefits depending on the position.
