Lead - Information Security

Backdrop

We are a Product Engineering Group, that has led large scale transformation engagements

with clients in Healthcare domain. Over a glorious journey of more than a decade, we have

partnered with a plethora of healthcare leaders to understand & address their unique needs &

challenges with Our Products & Professional Engineering Services.

Our engagements have created big impact & go much beyond delivering stand-alone

technology solutions. We are proud to have developed long-standing strategic partnership

with a distinguished client base.

Today, we have travelled a journey packed with growth, learning and opportunities - which in

turn empowered us to become a strong team of over 400 multi-disciplinary engineers spread

across our work locations in Reston (USA), Gurugram (India) and Indore (India).

Our Products & Services are designed to be incredibly adaptable to industry-wide strategies

& requirements, and serve heterogenous needs of healthcare enterprises across the board.

This has put us in a great spot to take our offerings to wider market.

An Overview Of The Job

• Develop, implement and monitor a strategic, comprehensive enterprise information
  
  

security and risk management program to ensure that the integrity, confidentiality and

availability of information is owned, controlled or processed by the organization.

• Design, implement, and maintain a robust information security architecture to ensure that
  
  

security measures are integrated into the overall infrastructure. This includes network

security, application security, and data security

• Develop and enforce information security policies and procedures in accordance with
  
  

industry standards, regulations, and compliance requirements (Example : HIPAA, HiTrust)

• Provide strategic risk guidance for IT projects, including the evaluation and
  
  

recommendation of technical controls

• Develop and implement risk management strategy to mitigate identified risks. Further,
  
  

create and adapt an incident response plan to address security incidents promptly

• Establish mechanisms for reporting security incidents. Conduct thorough investigations
  
  

into security incidents, breaches, or violations and take appropriate corrective actions.

• Conduct regular security audits and assessments to identify vulnerabilities and
  
  

weaknesses. Continuously assess and improve the effectiveness of security measures and

protocols.

• Develop and deliver security awareness programs to educate employees about security
  
  

risks and best practices. Ensure that all employees are aware of and adhere to security

policies through training programs and awareness campaigns.

• Collaborate with internal and external auditors to ensure compliance with regulatory
  
  

requirements and industry standards.

• Evaluate and monitor the security practices of third-party vendors and partners. Ensure
  
  

that vendors comply with information security standards and contractual security

requirements.

• Collaborate with legal and compliance teams to fulfill reporting obligations related to data
  
  

breaches. Work closely with other departments to understand business processes and

evaluate potential security threats.

• Identify and assess information security risks within the healthcare insurance environment.
  
  

Stay abreast of the latest trends and developments in information security.

Skills And Qualifications

• Bachelor’s or Master’s degree in Computer Science or any other analytically inclined field of
  
  

study

• Bachelor’s or Master’s degree in Computer Science or any other analytically inclined field of
  
  

study

• Should possess 7- 10 years of experience
• Candidate should have :
• Managed end-to-end Information Security, Cyber Security.
• Performed Risk Assessment from Cyber Security, Business Continuity and Privacy
  
  

perspective

• Experience in Data Privacy including Design, Development and Review of privacy
  
  

framework aligned

• Experience in Design, Assessment and Review of Information Security and Privacy
  
  

Framework aligned to IT Act requirements.

• Developed and Documented Information Security/ Cyber Security policies and
  
  

procedures