Information Security - Raleigh, United States - Core Sound Imaging

    Core Sound Imaging
    Core Sound Imaging Raleigh, United States

    2 weeks ago

    Default job background
    Description


    Job Description Job Description We are seeking an Information Security & Compliance Specialist to join our teamThe Information Security & Compliance Specialist at Core Sound Imaging is responsible for working with Product/Development/DevOps/IT to identify weaknesses in the security posture within the SaaS application, its infrastructure, and office infrastructure.

    They will define methods to achieve security control requirements through automation or efficient means that support an available and responsive product environment.

    The Information Security & Compliance Specialist will serve as the point of contact for any internal/external IT audit and compliance-related inquiries, collaborate with product development teams to integrate compliance measures into new products and features, and work closely with IT, infrastructure, and product teams to implement security measures and ensure the integrity of the product information systems.

    This position is currently On-Site.


    Examples of Key Duties:
    (Duties are illustrative and not inclusive and may vary.)Direct and provide leadership for the organization's product information security and compliance program.
    Evaluates new or updated industry regulations to ensure continued compliance.
    Complete client security assessments to ensure product security measures are intact.
    Collaborate with the Product and Development teams to integrate compliance measures into new products and features.
    Develop and deploy automated tools to monitor and ensure compliance with specific regulatory requirements.
    Review development frameworks for security functionality, consistency, and uplift opportunities.
    Own the ISMS-27001 standards and work with the teams to support adherence to its guidelines.
    Apply product information security controls and investigates/responds to product information security incidents.
    Create detailed designs and documents as needed to meet standards.

    Manage and resolve issues in alignment with the SLAs and proactively escalate any issues that cannot be resolved within the established timeframe.

    Initiate and perform changes on the production systems.
    Establish and maintain communication with technology customers to keep them informed of their requests.
    Understand the legal and regulatory issues relevant to the enterprise and ensure the enterprise is not placed at risk.

    Conduct regular security audits and risk assessments of the SaaS application, its infrastructure, and office infrastructure to identify potential vulnerabilities and implement necessary security controls.

    Develop and maintain incident response plans for security breaches related to the SaaS application, its infrastructure, and office infrastructure.
    Collaborate with DevOps and IT teams to ensure secure configuration and deployment of the SaaS application and its infrastructure.
    Implement and manage access control measures for the SaaS application, its infrastructure, and office infrastructure to prevent unauthorized access.

    Monitor and analyze security logs and alerts related to the SaaS application, its infrastructure, and office infrastructure to detect and respond to security incidents.

    Conduct security awareness training for employees to promote secure practices and reduce the risk of security incidents.
    Other duties as assigned.


    Qualifications:
    Bachelor's degree in computer science, information systems, or related field. Three or more years of experience in successfully performing the essential duties listed above.
    Knowledge of IT compliance and audit processes and policies.
    Strong understanding of S-SDLC framework.
    Experience creating, maintaining, and testing IT policies and procedures.
    Practical experience developing and implementing automated solutions for security compliance.

    Experience with NIST, Data Protections, Static Code Analysis, Dynamic Code Analysis, Agile, Cloud Security, OWASP Top 10 and Security Architecture preferred.

    Strong knowledge of security governance principles and ability to apply them within the organization.
    Service-oriented mindset with a high sense of ownership of problems and requests assigned.
    Strong collaboration and communication skills to work effectively with IT teams and cross-functional stakeholders.
    Please submit your resume to be considered for this position.

    Company Description Since Core Sound Imaging began in 2007, we have focused on delivering a superior customer experience with Studycast - an advanced software as a service (SaaS) image storage and reporting solution (cloud PACS).

    Core Sound Imaging's focus on innovation is allowing Studycast to change the face of medical imaging and diagnostic interpretation. Our nearly 2,000 clients in the U.S. and the world rely on Studycast for digital imaging and diagnostic testing workflow solutions that make their lives easier.

    Company Description Since Core Sound Imaging began in 2007, we have focused on delivering a superior customer experience with Studycast - an advanced software as a service (SaaS) image storage and reporting solution (cloud PACS).

    Core Sound Imaging's focus on innovation is allowing Studycast to change the face of medical imaging and diagnostic interpretation. Our nearly 2,000 clients in the U.S. and the world rely on Studycast for digital imaging and diagnostic testing workflow solutions that make their lives easier.#J-18808-Ljbffr