Security Compliance Officer
Bengaluru
Applications have closed
Biofourmis
Biofourmis partners with healthcare organizations and life science companies to provide solutions that help expand the delivery of care to everyone, everywhere. Biofourmis is a rapidly growing, global digital health company filled with committed, passionate professionals who care about augmenting personalized care and empowering people with complex chronic conditions to live better and healthier lives. We are pioneering an entirely new category of medicine by developing clinically validated, software-based therapeutics to provide improved outcomes for patients, smarter engagement & tracking tools for clinicians, and cost-effective solutions for payers. We are collectively devoted to a single-minded idea: powering personally predictive care.
Our dynamic growth has been marked by doubled headcount in the last 12 months via both expansion & acquisition, yielding a global footprint with offices in Boston, Singapore, Bangalore, and Zurich. We are backed by prominent international venture capital investment & have cultivated relationships with worldwide healthcare stakeholders over the last 5 years. Our talented team features numerous PhDs in Data Science and Biostatistics, over 80 patents, prolific scientific publications, world-class systems, developers & engineers, and leaders in the clinical operations space.
Roles & Responsibilities
- Support security compliance audits like SOC 2, ISO 27001 and HITRUST.
- Conduct readiness assessments, coordinate with stakeholders, and handle documentation and control implementation for the external audits on a regular basis.
- Perform security and technology risk assessments, and provide recommendations on risk mitigation/remediation strategies under guidance.
- Work with the business & other stakeholders in creating and rolling out security policies, processes and controls to manage technology risk and ensure effective risk governance.
- Perform routine internal audits and follow up on action items for effective compliance management.
- Regularly review, update and align the current security policies with the control infrastructure.
- Support, participate in and monitor BCP/DR plans and drills under guidance.
- Work with the team or independently to manage security projects and tools.
- Assist in mapping various compliance frameworks, certifications, etc.
- Support vendor security assessments, e.g. initial kick-off, follow-up, remediation plans and follow-ups, etc., under guidance.
Requirements
- 7 years of relevant experience, or a previous role in security technology with a few years in risk, compliance and audit activities.
- Excellent implementation knowledge of various security audits like SOC 2 and ISO 27001, their expectations and requirements.
- Experienced in working with external auditors, as an auditor and auditee.
- Good conceptual and analytical skills on implementing security controls to protect organizational assets.
- Capable of participating in multiple projects simultaneously in an evolving and fast growing organizational culture.
- Excellent interpersonal skills, good at coordination and a team player.
- Any of the certifications: CISA, CRISC, etc.
Preferred Qualifications/Skills
- Past experience with the healthcare industry is a plus.
- Experience with medical devices, IoT devices, etc. and related compliance to support regulatory requirements (FDA, etc.) and third-party security audits like SOC 2, ISO 27001, MDSAP, ISO 13485, etc. is a plus.
- Knowledge of cloud security is good to have.
Tags: Audits CISA Cloud Compliance CRISC Governance HITRUST ISO 27001 PhD Risk assessment Security assessment SOC SOC 2