We are looking for a:
Senior Risk and Compliance Analyst
Belgrade
Seven Bridges is connecting the world’s biomedical information to accelerate research and improve health. We are collaborating with a wide variety of distinguished pharmaceutical, health-care, and academic partners. A central part of our mission is to help these partners investigate and treat all kinds of genetic disorders.
At Seven Bridges we are building the most advanced cloud computing platform for genomics data analysis. Our team and product enable scientists to analyze genomic data faster and more efficiently than ever, so they can focus on making progress in genomics and personalized medicine.
The Senior Risk and Compliance Analyst will be a key member of the information security team, reporting to the Team Lead, Information Security and Compliance.
The ideal candidate will be a part of the global team and work on implementing international compliance standards - ISO 27001, ISO 27017, GDPR, SOC 2, FedRAMP, and many others. You will work with cloud environment within Amazon Web Services (AWS) and Google Cloud Platform (GCP) and with the cutting edge field of genomic precision medicine.
The successful candidate will bring expertise in IT general controls, auditing, compliance, a strong work ethic, and customer service skills. The successful candidate must excel at contributing to the security team. This role requires the right blend of technical and non-technical skills, and will be working across the entire Seven Bridges organization.
Responsibilities:
- Ensuring the successful design, implementation, documentation and operation of information technology general controls
- Implementing security best practices and business unit security ownership across the organization
- Assisting in collecting and reviewing documentation for third party audits
- Assisting US and EU based sales and pre-sales teams in responding to customer’s security and compliance related inquiries
- Working with International Account Managers regarding existing customer security requests and related inquiries
- Assisting in coordinating investigations and responding to information security incidents
- Assisting with development, maintenance and review of information security policies and procedures
- Development quality management system (QMS) documentation in support of pharmaceutical requirements
- Supporting information security awareness activities
Qualifications:
- Bachelor’s degree in Computer Science, Accounting, Finance, Information Systems, or related field
- 1+ years experience in risk, controls and compliance
- Public accounting IT risk and controls experience preferred
- English language proficiency
- Experience preferred in applying relevant technical knowledge in at least two of the following audits/regulations: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, FISMA, FedRAMP, SOX 404, HITRUST CSF, HIPAA, ISO 9001, GxP, 21 CFR Part 11, GAMP 5, EU Annex 11
- Strong written and verbal communication skills and presentation skills
- Leadership, teamwork and client service skills
- Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive
- Demonstrated integrity within a professional environment
- CISA, CISSP, CISM certifications preferred
- Travel 10%, including Boston, Massachusetts office location
Technology:
- Technical audit / controls experience: Operating Systems (Linux), Databases, Web Applications
- Identity and access management (I&AM) experience
- Exposure to security technologies such as IDS, Firewalls, Anti-virus, SIEM, WAF, etc.
- Amazon Web Services (AWS) and Google Cloud Platform (GCP)
- Atlassian Suite - JIRA & Confluence
- G-Suite business applications (docs, sheets, slides, etc)
Extra Credit:
- Experience auditing within the pharmaceutical or healthcare industries
- Familiarity with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
- Understanding of scripting languages to include the following – python, shell, ruby, perl
- Corporate IT / Help desk
- Docker, Ansible, Kubernetes
- A sense of humor
We value our team more than anything else. We like to learn from each other and share knowledge. Our team is built upon a culture of initiative and openness, we embrace open discussion and genuine curiosity. We value expertise, integrity, accountability and patience.
If you would like to work with us and help us build the next generation of genomics and be part of our security team, please send your resume/CV and a cover letter.
Thank you for your interest in joining Seven Bridges!
Deadline for applications: 16.02.2020.