Insight Global Jobs

Job Description

Insight Global is seeking an experience Security Policy Consultant to join a major Global Health organization's Security division. The successful candidate should be well-versed in ISO 27001 and ISO 27002, along with GDPR and HIPAA. Prior experience developing policy, governance and compliance is critical to this role.

 Play a lead role in the development and implementation of security policies, standards, procedures, and guidelines to ensure compliance with industry standards and international regulations.

 Assist in the growth of the information security management system (ISMS), developing recommendations for evaluation and continual improvement activities.

 Design security controls and collaborate with system and product owners to implement effectively on a global scale, across diverse product offerings, and within the context of existing systems and processes.

 Maintain in-depth knowledge of information security frameworks, global data protection and health-industry specific regulations, methodologies and standards and adapt security policy to meet changing threats and requirements.

 Monitor, investigate and assess security controls for compliance and effectiveness via technical and physical process, raising security risks and contributing to mitigation plans as necessary.

 As an experienced information security consultant, youll provide advice and guidance concerning information security practices and requirements as a Subject Matter Expert

 Perform security reviews of contracts and support response to security questionnaires, as required.

 Participate in security risk identification and evaluations, develop risk mitigation strategies, and recommend security controls and measures to minimize risks.

 Participate in/support internal security assessments and third-party audits and compliance assessments, ensuring adherence to regulatory requirements and industry standards.

 Recommend and support administration and deployment of security technologies and tools to address security needs and support process improvements.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Skills and Requirements

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field

 You have 5+ years of experience in a similar capacity.

 Intermediate understanding and experience in one or more information security domains (e.g. data protection and privacy, compliance, risk management, application and cloud security, and incident management).

 Intermediate experience with and knowledge of security frameworks, including ISO 27001 and ISO 27002

 Familiarity with relevant data protection, privacy and health-related laws and regulations, such as GDPR, HIPAA.

 Proficient communication and interpersonal skills, with the ability to communicate requirements effectively, develop consensus and build relationships with stakeholders at all levels of the organization.

 A demonstrated ability to manage challenging situations and competing priorities in a fast-paced environment.

 Comfortable with ambiguity, you are able to adapt, make adjustments and maintain focus and positivity through change.

 Capable of defining an approach, seeking out resources and taking ownership for your objectives and responsibilities.

 Experience supporting other independent contributors in growth and development, helping to build a strong and supportive team.

 Effective analytical skills and attention to detail, with the ability to interpret and analyze security data and reports. AICPA SOC 2 Trust Services Principles, NIST Cybersecurity Framework.

 Certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISO27K lead implementer are highly desirable.

 Experience in developing policy and implementing security control framework in the Healthcare sector or related industry.

 Fundamental/working knowledge of additional frameworks and standards, such as NIST 800-53, PCI-DSS, CIS Benchmarks, COBIT and/or ISF. null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.