Junior Information Security Auditor

About Augmedix:
Augmedix (Nasdaq: AUGX) delivers industry-leading, ambient medical documentation and data solutions to healthcare systems, physician practices, hospitals, and telemedicine practitioners. 
Augmedix is on a mission to help clinicians and patients form a human connection at the point of care without the intrusion of technology. Augmedix’s solutions extract data from natural physician-patient conversations and convert it to medical notes in real time, which are seamlessly transferred to the EHR. To achieve this, the company’s Ambient Automation Platform uses Automated Speech Recognition and Natural Language Processing, supported by medical documentation specialists. 
Leveraging this platform, Augmedix’s solutions relieve clinicians of administrative burden, in turn, reducing burnout and increasing both clinician and patient satisfaction. Augmedix is also leading the revolution in leveraging point-of-care data by making connections between millions of physician-patient interactions and analyzing them to deliver actionable insights that elevate patient care.
About the Role:
We are seeking Junior Information Security Auditor to join our team. The role will ensure the protection of Augmedix and its customers’ information while ensuring compliance with HIPAA, NIST, and HITRUST controls framework. The location of work is the Augmedix Bangladesh office in Dhaka. The position will use Augmedix applicable security frameworks to assess information security controls over all Augmedix Operation Centers for compliance, interview key stakeholders (developers, ISSOs, business POCs, etc.) to determine security controls implementation, assist in the execution of the security control assessment plan by following AX standard assessment procedures, collecting, and analyzing evidence, and documenting steps taken and findings, update System Security Plan with actual internal controls that have been implemented as determined during assessment. The position may require travel to Augmedix’s service provider sites (India, Sri Lanka) for information security control assessments.

Responsibilities:

• Examine AX’s owned and vendor’s Operation center’s IT infrastructure, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies.
• Cope up with the Augmedix GRC platform and maintain audit records within the platform.
• Respond to all system and/or network security breaches.
• Plan, implement, monitor, and upgrade security measures for the protection of the organization’s data, systems, and networks.
• Participate in the change management process.
• Test and identify application, network, and system vulnerabilities, and create counteractive strategies to protect the network.
• Conduct efficient and effective IT audit procedures.
• Communicate complex technical issues in simplified terms to the relevant staff.
• Perform regular audit testing and provide recommendations.
• Review, evaluate, and test application controls.
• Provide recommendations and guidance on identified security and control risks.
• Develop a strong understanding of business and system processes.
• Develop detailed audit reports for documentation and presentation.
• Complete the given assignment and submit it to the supervisor as per the agreed timeline.
• Proactive to follow up on the mitigation process with stakeholders.
• Be a team player, and maintain liaison with all the stakeholders.

Requirements:

• Excellent communication in English is essential.
• Minimum 2 years of working experience in IT Audit/ Information Security Management. Experience in IT Security Consulting and/or IT Security Audit organizations will be a benefit.
• Degree in Information Technology or equivalent discipline.
• Certified Information Systems Auditor (CISA) certification.
• Knowledge of different industry security standards e.g. ISO, NIST, CIS will add extra value.
• Ability to work under pressure in a fast-paced environment.
• Strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Great awareness of cybersecurity trends and hacking techniques are plus points.
• Knowledge of overall IT Security domains.
• Ability to define, prioritize and execute processes in a precise and structured manner.

Work Shift:

• 11:00 AM to 8:00 PM

Augmedix is an equal opportunity employer. We are committed to providing equal employment opportunities regardless of sex, gender identity, race, religious creed, color, ancestry, age, disability, marital status, sexual orientation including being transgender and/or any other protected bases.