What you'd actually do

Develop, implement, and continuously mature the Medical Device Cybersecurity roadmap, policies, and Standard Operating Procedures (SOPs), aligning them with the overarching enterprise data security strategy.

Partner with R&D and engineering teams to embed secure-by-design principles and Secure Software Development Life Cycle (SSDLC) practices into medical device development.

Ensure device design and lifecycle management align with FDA pre-market and post-market cybersecurity guidelines.

Mentor, and develop the Medical Device Cybersecurity Analyst(s), guiding their daily tactical execution, vulnerability assessments, and professional growth.

Oversee the continuous monitoring, vulnerability scanning, and patching strategies for deployed medical devices.

Passionate about precision medicine and advancing the healthcare industry?

Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time.

The Role

As the Medical Device Cybersecurity Senior Manager, you will own the medical device cyber security program at Tempus AI. You will act as the crucial bridge between enterprise-wide security strategy and product-level medical device technical execution. You will partner closely with R&D, Product Management, Regulatory Affairs, and Quality to integrate security into the device lifecycle ("shift-left"), ensure adherence to FDA cybersecurity guidelines, and enabling Pre-Market submissions as well as Post-Market surveillance of Tempus Medical Devices.

What You'll Do

**Program Management & Strategy Execution: **
- Develop, implement, and continuously mature the Medical Device Cybersecurity roadmap, policies, and Standard Operating Procedures (SOPs), aligning them with the overarching enterprise data security strategy.
Product Security & Engineering Partnership:
- Partner with R&D and engineering teams to embed secure-by-design principles and Secure Software Development Life Cycle (SSDLC) practices into medical device development.
- Define and manage the strategy for Software Bill of Materials (SBOM) generation and maintenance across all device product lines.
- Coordinate with Cloud Security, Application Security, and Vulnerability Management Information Security teams to integrate their services into Tempus Medical Devices.
Regulatory Compliance & Quality Assurance:
- Ensure device design and lifecycle management align with FDA pre-market and post-market cybersecurity guidelines.
- Author, review, and maintain cybersecurity documentation required for regulatory submissions (e.g., 510(k), De Novo, PMA).
- Coordinate with the Quality Management team to integrate cybersecurity into the enterprise Quality Management System (QMS).
Leadership & Mentorship:
- Mentor, and develop the Medical Device Cybersecurity Analyst(s), guiding their daily tactical execution, vulnerability assessments, and professional growth.
- Serve as the primary Subject Matter Expert (SME) for Medical Device Cybersecurity across the organization and provide education to cross-functional teams on the program.
** Threat & Vulnerability Management:**
- Oversee the continuous monitoring, vulnerability scanning, and patching strategies for deployed medical devices.
- Manage engagements with penetration testing conducting assessments on Tempus hardware and embedded systems

Qualifications

7+ years of technical experience in information security in the tech or healthcare industry.
Deep understanding of FDA Cybersecurity Guidance (Pre-market and Post-market), ISO 14971, and ISO 13485
Proficiency in threat modeling methodologies (STRIDE, PASTA) and secure architecture design.
Industry-recognized certifications such as CISSP, HCISPP, CISM, or relevant SANS certifications are preferred.
Ability to manage several programs at once and work proactively to align multi-disciplinary stakeholders.
Excellent written and verbal communication skills, including the ability to act as translator among diverse teams of biologists, medical professionals, engineers, operators, and data scientists.

#LI-HR1

#LI-Hybrid

CHI: $185,000-$215,000

The expected salary range above is applicable if the role is performed from Illinois and may vary for other locations (California, Colorado, New York). Actual salary may vary based on qualifications and experience. Tempus offers a full range of benefits, which may include incentive compensation, restricted stock units, medical and other benefits depending on the position.

We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

What You'll Do

**Program Management & Strategy Execution: **

Develop, implement, and continuously mature the Medical Device Cybersecurity roadmap, policies, and Standard Operating Procedures (SOPs), aligning them with the overarching enterprise data security strategy.

Product Security & Engineering Partnership:

Partner with R&D and engineering teams to embed secure-by-design principles and Secure Software Development Life Cycle (SSDLC) practices into medical device development.
Define and manage the strategy for Software Bill of Materials (SBOM) generation and maintenance across all device product lines.
Coordinate with Cloud Security, Application Security, and Vulnerability Management Information Security teams to integrate their services into Tempus Medical Devices.

Regulatory Compliance & Quality Assurance:

Ensure device design and lifecycle management align with FDA pre-market and post-market cybersecurity guidelines.
Author, review, and maintain cybersecurity documentation required for regulatory submissions (e.g., 510(k), De Novo, PMA).
Coordinate with the Quality Management team to integrate cybersecurity into the enterprise Quality Management System (QMS).

Leadership & Mentorship:

Mentor, and develop the Medical Device Cybersecurity Analyst(s), guiding their daily tactical execution, vulnerability assessments, and professional growth.
Serve as the primary Subject Matter Expert (SME) for Medical Device Cybersecurity across the organization and provide education to cross-functional teams on the program.

** Threat & Vulnerability Management:**

Oversee the continuous monitoring, vulnerability scanning, and patching strategies for deployed medical devices.
Manage engagements with penetration testing conducting assessments on Tempus hardware and embedded systems

Qualifications

7+ years of technical experience in information security in the tech or healthcare industry.

Deep understanding of FDA Cybersecurity Guidance (Pre-market and Post-market), ISO 14971, and ISO 13485

Proficiency in threat modeling methodologies (STRIDE, PASTA) and secure architecture design.

Industry-recognized certifications such as CISSP, HCISPP, CISM, or relevant SANS certifications are preferred.

Ability to manage several programs at once and work proactively to align multi-disciplinary stakeholders.

Excellent written and verbal communication skills, including the ability to act as translator among diverse teams of biologists, medical professionals, engineers, operators, and data scientists.

#LI-HR1

#LI-Hybrid

CHI: $185,000-$215,000

Sr. Manager, Medical Device Cyber Security

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized

The Role

What You'll Do

Qualifications

The Role

What You'll Do

Qualifications