1 Information Security & Compliance Specialist Job in Raleigh, NC
Core Sound Imaging, Inc. is Hiring an Information Security & Compliance Specialist Near Raleigh, NC
The Information Security & Compliance Specialist at Core Sound Imaging is responsible for working with Product/Development/DevOps/IT to identify weaknesses in the security posture within the SaaS application, its infrastructure, and office infrastructure. They will define methods to achieve security control requirements through automation or efficient means that support an available and responsive product environment. The Information Security & Compliance Specialist will serve as the point of contact for any internal/external IT audit and compliance-related inquiries, collaborate with product development teams to integrate compliance measures into new products and features, and work closely with IT, infrastructure, and product teams to implement security measures and ensure the integrity of the product information systems. This position is currently On-Site.Examples of Key Duties: (Duties are illustrative and not inclusive and may vary.)
- Direct and provide leadership for the organization's product information security and compliance program.
- Evaluates new or updated industry regulations to ensure continued compliance.
- Complete client security assessments to ensure product security measures are intact.
- Collaborate with the Product and Development teams to integrate compliance measures into new products and features.
- Develop and deploy automated tools to monitor and ensure compliance with specific regulatory requirements.
- Review development frameworks for security functionality, consistency, and uplift opportunities.
- Own the ISMS-27001 standards and work with the teams to support adherence to its guidelines.
- Apply product information security controls and investigates/responds to product information security incidents.
- Create detailed designs and documents as needed to meet standards.
- Manage and resolve issues in alignment with the SLAs and proactively escalate any issues that cannot be resolved within the established timeframe.
- Initiate and perform changes on the production systems.
- Establish and maintain communication with technology customers to keep them informed of their requests.
- Understand the legal and regulatory issues relevant to the enterprise and ensure the enterprise is not placed at risk.
- Conduct regular security audits and risk assessments of the SaaS application, its infrastructure, and office infrastructure to identify potential vulnerabilities and implement necessary security controls.
- Develop and maintain incident response plans for security breaches related to the SaaS application, its infrastructure, and office infrastructure.
- Collaborate with DevOps and IT teams to ensure secure configuration and deployment of the SaaS application and its infrastructure.
- Implement and manage access control measures for the SaaS application, its infrastructure, and office infrastructure to prevent unauthorized access.
- Monitor and analyze security logs and alerts related to the SaaS application, its infrastructure, and office infrastructure to detect and respond to security incidents.
- Conduct security awareness training for employees to promote secure practices and reduce the risk of security incidents.
- Other duties as assigned.
- Knowledge of IT compliance and audit processes and policies.
- Strong understanding of S-SDLC framework.
- Experience creating, maintaining, and testing IT policies and procedures.
- Practical experience developing and implementing automated solutions for security compliance.
- Experience with NIST, Data Protections, Static Code Analysis, Dynamic Code Analysis, Agile, Cloud Security, OWASP Top 10 and Security Architecture preferred.
- Strong knowledge of security governance principles and ability to apply them within the organization.
- Service-oriented mindset with a high sense of ownership of problems and requests assigned.
- Strong collaboration and communication skills to work effectively with IT teams and cross-functional stakeholders.
Company DescriptionSince Core Sound Imaging began in 2007, we have focused on delivering a superior customer experience with Studycast® - an advanced software as a service (SaaS) image storage and reporting solution (cloud PACS). Core Sound Imaging's focus on innovation is allowing Studycast® to change the face of medical imaging and diagnostic interpretation. Our nearly 2,000 clients in the U.S. and the world rely on Studycast for digital imaging and diagnostic testing workflow solutions that make their lives easier.
Since Core Sound Imaging began in 2007, we have focused on delivering a superior customer experience with Studycast® - an advanced software as a service (SaaS) image storage and reporting solution (cloud PACS). Core Sound Imaging's focus on innovation is allowing Studycast® to change the face of medical imaging and diagnostic interpretation. Our nearly 2,000 clients in the U.S. and the world rely on Studycast for digital imaging and diagnostic testing workflow solutions that make their lives easier.
Job Summary
Full Time
Medical Technology
$67k-82k (estimate)
05/23/2024
07/21/2024
corestudycast.com
RALEIGH, NC
<25
2007
MARK SMITH
<$5M
Medical Technology
Related Companies
About Core Sound Imaging, Inc.
More than a PACS, the Studycast system from Core Sound Imaging offers comprehensive imaging workflow on demand. View diagnostic-quality images and loops, quickly generate findings, and digitally sign reports from any Internet-connected device. Then, securely share them with colleagues and patients, route them to your EMR, and archive them in the cloud. Designed for performance and filled with automated features, the Studycast system offers an intuitive end-to-end workflow that saves you time. Study images, patient demographics, and measurements upload automatically to pre-populate your study r...eports. With automatic calculations, interactive diagrams, and quick compare to priors, you can build your report with fewer clicks. The Studycast system is cloud native, so there's no hardware to maintain, no software to update, and no data storage to manage. Powerful, flexible, and intuitive, the Studycast system was designed to work for any enterprise from a single-physician practice to a hospital network or even a multinational CRO.
More
Show less
Similar Jobs
Popular Articles
