Lead and maintain the Information Security Management System (ISMS) within the Hospital Patient Monitoring (HPM) Business, ensuring protection of the product platform and environments
Job Summary
Lead and maintain the Information Security Management System (ISMS) within the Hospital Patient Monitoring (HPM) Business, ensuring protection of the product platform and environments.
Develop, implement, and manage the organization’s ISMS framework in alignment with ISO/IEC 2700, BSI C5 and healthcare-specific standards, while leading risk assessments and internal audits.
Report on ISMS performance, incidents, and audit findings to senior leadership, maintaining current knowledge of the Information security field and the changing threat landscape.
Matching Summary
Lead and maintain the Information Security Management System (ISMS) within the Hospital Patient Monitoring (HPM) Business, ensuring protection of the product platform and environments.
Skills & Requirements
Must-have
ISMS framework development and implementation
Risk management processes
Compliance with healthcare regulations
Information Security Council leadership
Security controls implementation
Third-party risk assessment
Nice-to-have
Security and privacy mindset evangelization
Continuous integration and deployment pipeline security
Security testing oversight
Threat landscape knowledge
Key Requirements
Bachelor’s degree in Information Security, Computer Science, or related field
Professional certifications (CISM, CISSP, ISO 27001, HITRUST)
Minimum 8 years of experience in information security
At least 2 years in ISMS management
Strong understanding of healthcare regulations and data protection laws
Experience with risk management tools and GRC platforms