Project / Business Problem:

Business and rest of OU went through large re-org

Used to do 6Q forecast now do 10Q forecast as a derivative of this they were asked to think about talent st***gy and put in their forecasts for personnel

Came to realize in last 1-2 years that continue to be pretty consistent/voluminous demands

• Customer Questions questionaires Are you certified in XYZ, etc. (external communications responses)
• EUMD deaDLINE COMING UP requires them to recertify everything

Scope / Deliverables / Timeframe:

1. regulatory submission packages.
2. HDO response deliverables.

Certain checklists and report formats that can be leveraged as deliverable or aggragation of quality documentation and development of submission package.

Day to Day:

• Up to speed on regulatory and compliance as it relates to security a "Ninja with compliance and security"
• Somebody really solid with paperwork (compliance documentation) and compliance.
• Pulling more current FTE/technical folks off of these longer range innovative projects to get things into the market.
• They will own and lead these compliance, re-certification, re-filing, addressing customer questions, etc. type activities - Here is your book of biz, we need it in X months, and we need it done well.
• RF and Wireless comms technologies could parse through a system design spec to assess an old control and analyze/implement a new one.
• Have CISSP, CISA, or CISM would be ideal
• Experience with quality management (QMS) document systems
• MDT has a really well defined pipeline for next two years for EU, China, and other regions domestic submission (FDA) experience would also be ideal
• Somebody who has been on other side of the fence could be a worthwhile candidate. One who has worked for a customer that is sending out questionnaires to companies like MDT for response.

Likely objectives for new contractor.

1. Create Security Risk Management Documentation packages to support submissions (EU + China, FDA). Respond to deficiencies (Lookup documents in document management systems (MapAgile), identify controls, master wordsmith). Audit experience could be helpful.

Embedded experience not necessary, but decent cybersecurity background to articulate controls.

2. Respond to customer questionnaires regarding cyber security of products.

Experience / Skills (or ability to quickly learn):

• European Union Medical Device Regulation (security specific requirements): This is very similar to FDA pre/post-market security guidance
• China FDA (now NMPA) Guideline for Technical Review of Medical Device Cybersecurity Registration ([2017] No. 13): Same as above
• ISO 27001/HITRUST/France's Health Data Hosting regulation/HIPAA security rule/GDPR security principles
• CISSP or CISA
• NIST, CSF, SOC2

Ultimately what we need is an executor who understands how to pull documents from a quality system (or other system of record) and populate various regulatory submission deliverables, as well as answer customer questions about our compliance with various standards/regulations/laws. Some experience in RF technology/wireless communications would be a much appreciate.

Required Skills : Excel

Indotronix is an Equal Opportunity Employer