Chief Information Security Officer
Real Chemistry is a global health innovation company with offices across the United States and Europe. We believe that the way to real, transformative change is through the uncommon combination of disciplines, technologies, and our greatest asset – our people. We are currently looking to add to our alchemic mix of more than 1,800 talented professionals. This is a great opportunity to join a dynamic, fast-growing global company committed to making the world a healthier place for all.
We have an exciting new role open and are adding a Chief Information Security Officer (CISO) role to our leadership team. The CISO will be responsible for the Information Security of the organization, reviewing, developing and maintaining the company’s policies and procedures in accordance with regulatory requirements, company accreditations and best practice/ standards applicable to healthcare, and communications information security. The position will also be responsible for setting the strategic direction of the Information Security and the day-to-day management to ensure good practice.
All employees are currently working remote; once our offices re-open, this position can be in one of our offices, including New York City, Boston, Chicago, Austin, Philadelphia, San Francisco, Florham Park, NJ or can be fully remote.
Responsibilities:
Periodic review/development/adoption and enforcement of Information Security policies, procedures and standards.
Maintain the Company’s Security Policies. These are formal policies that detail and document actual mechanisms and controls and should include at least the following:
Administrative: Risk analysis and management, documentation management and controls, information access controls and sanctions for failure to comply.
Personnel Security: Personnel only have access to the sensitive information for which they have appropriate authority and clearance.
Physical Safeguards: Assign security responsibilities, control access to media and the controls in place against unauthorized access to workstations and related equipment.
Technical Security: Set the access and authorization controls for everyday operations as well as emergency procedures for data.
Transmission security: Set the standards for access controls, audit trails, event reporting, encryption and integrity controls.
Maintain the Company’s Security Procedures that include:
Evaluation and compliance with security measures.
Disaster Recovery and Emergency operating procedures.
Security Incident Response and process protocols including Incident Reporting and Sanctions.
Testing of security procedures, mechanisms and measures.
Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted patient data and protect against reasonably anticipated threats and hazards.
Oversee and/or assist in performing on-going security monitoring of organization information systems including:
Assess information security risk periodically.
Conduct functionality and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements.
Evaluate and recommend new information security technologies and counter-measures against threats to information or privacy.
Work with Compliance to ensure policy adherence adequate training programs and periodic security audits. These audits should be both internal and external in nature.
Educational and Work Experience:
Bachelor’s Degree with minimum of 10+ years of experience in IT security field, infrastructure and operations. Major in Computer Science, Technology, Information Security or other related field
Work with Compliance to ensure policy adherence adequate training programs and periodic
Knowledge of Cyber security requirements
Knowledge of HIPAA security is helpful
Certification required in one of the following: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor) Well versed with data center operations Knowledge of Cloud platform and managed services models
Knowledge of Cyber security requirements
Knowledge of HIPAA security is helpful
Real Chemistry offers a comprehensive benefit program and perks, including flexible PTO, expanded paid leave for new parents including Your 4th Trimester ® , a program that helps new parents transition back to work, and a five-week sabbatical program. Other perks include Income Protection, Retirement plans/401(k) match, and cell phone savings plans. Learn more about our great benefits and perks at: http://www.realchemistry.com/
Real Chemistry is committed to being an Equal Opportunity employer. As such, we seek motivated and qualified applicants without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity/expression, ethnic or national origin, age, physical or mental disability, genetic information, marital information, or any other characteristic protected by federal, state, or local employment discrimination laws where Real Chemistry operates. We strive to employ, motivate, advance and reasonably accommodate any qualified employees and applicants. We believe diversity of persons and ideas forms the most comprehensive, forward-looking company.