InfoSec Manager

Summary about this job

Detail information about job InfoSec Manager. Terms and conditions vacancy

MedicalDirector was established 25 years ago, but with the energy and vision of a start-up, together, we want make people healthier around the world. We have facilitated over 60 million patient consults last year and we provide solutions to GPs, Specialists, Pharmacists and Hospitals, so we understand the healthcare landscape and know what is needed to continue to push the boundaries of healthcare delivery. 
 
We are looking for an empowered individual like yourself to join our team in a trendy and relaxed atmosphere in the city. A space that facilitates collaboration, openness and creative problem solving with a passion for what we deliver and how we can positively impact our customers to enable their ideal. 
 
Within an Agile environment, security remains to be of as paramount importance as always. The difference is that it must be applied in such a manner that it supports the iterative nature of these environments rather than the classic waterfall approach to infosec testing. A MedicalDirector InfoSec Manager must be absolutely proficient in the core principals of information security but is able to apply them within an incremental and continuous delivery cycle.

• Establish an information security program along with a program of implementation
• Create and execute on an educational program which highlights applicable security considerations for different areas of our business
• Creating a mindset and culture of security within the business
• Embed security as a core ingredient within an automated software development pipeline (CI/CD)
• Working specifically with the software engineering teams to implement secure coding practices
• Engaging with the broader business to develop/implement the security technology stack
• Working with external vendors to augment our internal security capabilities
• Provide a long term vision for security within MedicalDirector which includes building out a team
• Working with our customers and partners to ensure that they are held to our high standard and we assist them to do so
• Security incident handling - monitoring, identification, impact assessment, escalation, reporting and postmortem review

What you'll need:

• Excellent understanding of various information security standards NIST and ISO27001
• Understanding of GDPR and HIPAA a definite advantage
• Excellent communication skills with an ability to engage with a group commensurate to the needs of each audience
• Experience working in a security role within a software engineering (SaaS and installed) organisation
• An ability to apply a risk based approach to security without compromising core tenets
• Experience taking an innovative and modern approach to security testing
• Intimate knowledge of vulnerability lists such as OWASP Top 10, CWE/SANS Top 25 and CAPEC

What’s on offer: 

• Brand new state of the art office located in the heart of the CBD! 
• Free breakfast daily 
• Employee Assistance Program 
• Continuous Learning & Development 
• Career progression opportunities 
• Hackathons and innovation events  

If you are someone who loves technology, takes pride in your work and who wants to make a meaningful difference in the world, then we’re looking for you. Our mission will impact people’s lives directly and ultimately benefit the society in which we live. There are plenty of opportunities for you to influence the future of the products, process and technology we use, and will be given the support required to make it happen. If you’re up for the challenge, then hit the Apply button or email your CV to [email protected] quoting the job title.