Careers

Regulatory Specialist

The Regulatory Specialist is responsible for identifying and implementing necessary to process changes to maintain ISO27001 and SOC2 type 2 certifications. The Regulatory Specialist will assist in proactively identifying possible security and privacy concerns and inadequate systems that can negatively impact patients and customer satisfaction. The Regulatory Specialist is also responsible for leading improvement initiatives based on their findings.

Responsibilities:

  • Understand and remain current on applicable InfoSec, PHI and privacy regulations in North America, Europe, Israel and other geographies as required
  • Develops and maintains strong working relationship with internal teams, especially INFOSEC and Privacy.
  • Raise Intelerad privacy and security maturity level
  • Maintain up-to-date ISMS procedures and ensure they are being applied.
  • In conjunction with InfoSec, lead integration of such SOPs.
  • Gain an understanding of normal work process and any gaps that may exist between actual practice and established procedures as per privacy and InfoSec regulations
  • Participate in the definition and implementation of any new privacy and security policies, practices and controls.
  • In collaboration with the privacy compliance manager, follow-up on information security or privacy incidents, and propose improvement solutions to prevent breaches, events and weaknesses
  • Coordinate and participate in external and internal ISMS audits (ISO 27001 and SOC 2) and coordinate corrective and preventive actions
  • Document outputs of post-marketing surveillance activities related to the uptime of cloud-based solutions and share it with appropriate stakeholders and follow-up on action items raised during these activities
  • Collaborate with internal teams to document trends and risks in order to develop, implement and lead initiatives that will improve Intelerad s security and risk profile
  • Ensure that documented processes are followed in a consistent, timely and efficient manner
  • Acts as technical expert on client-based security surveys, and assists in completing them
  • Coordinate incident post-mortem and track corrective and preventive actions related to it
  • Maintain up-to-date security and privacy training material

Required Experience/Skills:

  • Bachelor s degree in InfoSec, business, quality management or related fields (or equivalent certification)
  • Minimum 3 years experience in information security management system(s)
  • Knowledge of ISO-27001 and SOC 2 certification
  • Experience in the IT field, software development, medical and/or cloud hosting
  • Training in quality management and quality improvement
  • Knowledge of MS Office, Google Suite and Visio (or similar workflow tool)
  • Strong verbal and written communication skills in English and Hebrew.
  • Well-organized and project-oriented

Qualifications:

SEE MORE
APPLY NOW

Junior Regulatory Specialist

The Regulatory Specialist is responsible for identifying and implementing necessary to process changes to maintain ISO27001 and SOC2 type 2 certifications. The Regulatory Specialist will assist in proactively identifying possible security and privacy concerns and inadequate systems that can negatively impact patients and customer satisfaction. The Regulatory Specialist is also responsible for leading improvement initiatives based on their findings.

If you are looking to start your career in Cybersecurity and Compliance this is your starting point.

Responsibilities:

  • Understand and remain current on applicable InfoSec, PHI and privacy regulations in North America, Europe, Israel and other geographies as required
  • Develops and maintains strong working relationship with internal teams, especially INFOSEC and Privacy.
  • Raise Intelerad privacy and security maturity level
  • Maintain up-to-date ISMS procedures and ensure they are being applied.
  • In conjunction with InfoSec, lead integration of such SOPs.
  • Gain an understanding of normal work process and any gaps that may exist between actual practice and established procedures as per privacy and InfoSec regulations
  • Participate in the definition and implementation of any new privacy and security policies, practices and controls.
  • In collaboration with the privacy compliance manager, follow-up on information security or privacy incidents, and propose improvement solutions to prevent breaches, events and weaknesses
  • Coordinate and participate in external and internal ISMS audits (ISO 27001 and SOC 2) and coordinate corrective and preventive actions
  • Document outputs of post-marketing surveillance activities related to the uptime of cloud-based solutions and share it with appropriate stakeholders and follow-up on action items raised during these activities
  • Collaborate with internal teams to document trends and risks in order to develop, implement and lead initiatives that will improve Intelerad s security and risk profile
  • Ensure that documented processes are followed in a consistent, timely and efficient manner
  • Acts as technical expert on client-based security surveys, and assists in completing them
  • Coordinate incident post-mortem and track corrective and preventive actions related to it
  • Maintain up-to-date security and privacy training material

Required Experience/Skills:

  • Bachelor s degree in InfoSec, business, quality management or related fields (or equivalent certification)
  • Basic Knowledge of ISO-27001 and SOC 2 certification
  • Basic Experience in the IT field, software development, medical and/or cloud hosting
  • Knowledge of MS Office, Google Suite and Visio (or similar workflow tool)
  • Strong verbal and written communication skills in English and Hebrew.
  • Well-organized and project-oriented

Qualifications:

SEE MORE
APPLY NOW

Cybersecurity Risk Assessment Specialist

The Cybersecurity Risk Assessment Specialist is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with customer’s data security policy.

Responsibilities:

  • Work with business unit point persons to perform Cybersecurity Inherent Risk Assessments based on the Cyber Assessment Tools and methodologies.
  • Collect domain-level assessment results and work with control owners to perform enterprise-wide cybersecurity Control Effectiveness Assessments based on the Cyber Risk Profile
  • Leverage the control effectiveness and maturity ratings in the Cyber Risk Profile to deduce the Residual Risk Ratings for the inherent risk
  • Perform ad-hoc cybersecurity capability /maturity assessments, frequency and impact analysis in response to regulatory requirements and industry standards (OCC, FRB, FINRA, MAS, HKMA, PRA, NIST, ISO, COBIT, etc.).
  • Identify and report /escalate significant compliance and control issues, and help develop solutions by working closely with program owners. Help address info security control gaps through in-depth root cause analyses. Work with issue owners and control officers to monitor the progress of corrective action plans and risk exceptions. Provide management visibility of corrective actions that are at risk of missing plan. Drive the periodic discussion with second and third lines of defense to make sure there is clear understanding of corrective action scope by all stakeholders.
  • Assist in the management of audits, business monitoring, certification and other Regulatory, Internal and External Audit activities. Keep all stakeholders abreast of audit status by being the primary contact for CISO audits. Ensure predefined audit methodologies are followed. Facilitate factual accuracy discussions. Coordinate audit finding responses. Ensure there is no surprise in the audit report for all stakeholders.

Education:

  • Hands-on experience with enterprise-wide or business unit level cybersecurity risk assessments.
  • Hands-on knowledge of technology, security risk and compliance best practices such as Cyber Risk Institute Profile, FFIEC Cybersecurity Assessment Tool (CAT) and Info Security Handbook, MITRE ATT$CK, Factor Analysis of Information Risk (FAIR), Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE), NIST Cyber Security Framework (CSF), COBIT, ISO/IEC 27001/27002, etc.
  • Hands-on knowledge of ServiceNow GRC or other GRC tools.
  • Understanding of global regulatory and legal requirements for cyber risk
  • Ability to apply understanding of business processes and technical skills to successful completion of projects.
  • Excellent communication, written and oral, interpersonal and presentation skills to technical and business audiences in a constantly evolving environment.
  • Demonstrated experience in critical thinking and problem solving in high pressure situations.
  • Self-motivated, the ability to manage multiple projects under strict timelines, accepting ownership and accountability of the processes, multi-tasking skills, deliver on commitments, and a team player.
  • Professional certification desirable: CISSP, CISM, CRISC, CISA

Qualifications:

  • Bachelor’s degree/University degree or equivalent experience
SEE MORE
APPLY NOW

Cyber Security Analyst

Are you passionate about working with the best information security team ?

The Cyber Security Analyst will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. This position will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators.

Responsibilities include, but are not limited to:

  • Provides leadership in assessing new threat vectors and designing and implementing effective controls
  • Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools
  • Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives
  • Responsible for mentoring and developing the skill sets of less experienced team members
  • Develops and implements processes or controls in support of audit and risk requirements

Required Skills:

  • Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network based bank assets.
  • Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers.
  • Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs.
  • Working knowledge of Linux, Windows, and OS X operating systems.
  • Comfortable with scripting languages and regular expressions
  • Strong knowledge common network protocols
  • Working knowledge of enterprise Client / Server architecture
  • The analyst will use new intelligence to update existing controls to detect new threas.
  • Will be expected to have solid technical skills to operate independently and to support others within the security team
SEE MORE
APPLY NOW

Ready to get your free consultation?

GET IN TOUCH
CONTACT US
BUSINESS
2025 All rights reserved to DATAFENCE  

|   Designed By Studio Maya

×

WhatsApp Chat

Add Your Heading Text Here