Information Security Specialist

DeepHealth

Charing Cross, United Kingdom

4 days ago

Role details

Contract type

Permanent contract

Employment type

Full-time (> 32 hours)

Working hours

Regular working hours

Languages

English

Experience level

Intermediate

Compensation

£ 75K

Job location

Remote

Charing Cross, United Kingdom

Tech stack

Computer Security

Information Systems

Information Technology Operations

Information Technology

Job description

The Information Security Specialist is a strategic role within DeepHealth's Quality, Regulatory, and Compliance department, responsible for assisting in the development, implementation, and maintenance of comprehensive information security compliance strategies. This position is critical in protecting organizational data, ensuring regulatory adherence, and mitigating potential security risks in the complex digital health landscape., As the Information Security Specialist, this position will work with the Information Security Officer, IT Operations, Sec Operations and the broader Compliance team to:

Information Security Compliance Strategy:

Develop and implement holistic security compliance programs
Create comprehensive risk management frameworks
Design and maintain security policies, procedures, and guidelines
Continuously assess and update security strategies
Ensure alignment with organizational objectives and regulatory requirements

Regulatory Compliance:

Ensure compliance with complex regulatory standards including, but not limited to:
HIPAA
GDPR
CCPA
ISO 27001
HITRUST
Conduct thorough risk assessments and vulnerability evaluations
Prepare detailed compliance reports and documentation
Support external and internal audit processes
Track and implement regulatory changes

Technical Security:

Perform comprehensive security vulnerability assessment
Develop and implement security control frameworks
Monitor and analyze security incidents and breaches
Design and conduct security awareness training programs
Manage access control and identity management systems
Evaluate and recommend security technologies and solutions

Incident Response and Management:

Develop and maintain incident response plans
Coordinate rapid and effective responses to security incidents
Conduct pos-incident analysis and implement preventive measures
Maintain detailed incident documentation and reporting

Interdepartmental Collaboration:

Work closely with IT, Legal, Compliance, and Clinical teams
Provide security guidance and recommendations
Facilitate cross-functional security awareness and training
Support technology implementation and security best practices

Please Note: This is not an exhaustive list of all duties, responsibilities and requirements of the position described above. Other functions may be assigned, and management retains the right to add or change duties at any time.

Requirements

Do you have experience in Communication skills?, Do you have a Master's degree?, * Bachelor's degree in Cybersecurity, Information Security, Computer Science or related field (or equivalent experience). Master's degree or advanced security certifications preferred, such as:

CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CRISC (Certified in Risk and Information Systems Control)
3-5 years of progressive experience in security compliance with healthcare, medical technology, or highly regulated industries.
Proven track record of developing and implementing security strategies.
Experience with regulatory compliance in complex environments, including:
An advanced understanding of security frameworks and compliance standards
Proficiency in security tools and technologies
Experience with risk assessment and management tools
Excellent written and oral communication and interpersonal skills with the ability to explain complex security concepts to diverse audiences.
High level of integrity and confidentiality.