The Information Security Specialist is a strategic role within DeepHealth’s Quality, Regulatory, and Compliance department, responsible for assisting in the development, implementation, and maintenance of comprehensive information security compliance strategies. This position is critical in protecting organizational data, ensuring regulatory adherence, and mitigating potential security risks in the complex digital health landscape.
Duties and Responsibilities
As the Information Security Specialist, this position will work with the Information Security Officer, IT Operations, Sec Operations and the broader Compliance team to:
Information Security Compliance Strategy:
Develop and implement holistic security compliance programs
Create comprehensive risk management frameworks
Design and maintain security policies, procedures, and guidelines
Continuously assess and update security strategies
Ensure alignment with organizational objectives and regulatory requirements
Regulatory Compliance:
Ensure compliance with complex regulatory standards including, but not limited to:
HIPAA
GDPR
CCPA
ISO 27001
HITRUST
Conduct thorough risk assessments and vulnerability evaluations
Prepare detailed compliance reports and documentation
Support external and internal audit processes
Track and implement regulatory changes
Technical Security:
Perform comprehensive security vulnerability assessment
Develop and implement security control frameworks
Monitor and analyze security incidents and breaches
Design and conduct security awareness training programs
Manage access control and identity management systems
Evaluate and recommend security technologies and solutions
Incident Response and Management:
Develop and maintain incident response plans
Coordinate rapid and effective responses to security incidents
Conduct pos-incident analysis and implement preventive measures
Maintain detailed incident documentation and reporting
Interdepartmental Collaboration:
Work closely with IT, Legal, Compliance, and Clinical teams
Provide security guidance and recommendations
Facilitate cross-functional security awareness and training
Support technology implementation and security best practices
Please Note: This is not an exhaustive list of all duties, responsibilities and requirements of the position described above. Other functions may be assigned, and management retains the right to add or change duties at any time.
Qualifications
Qualifications include:
Bachelor’s degree in Cybersecurity, Information Security, Computer Science or related field (or equivalent experience). Master’s degree or advanced security certifications preferred, such as:
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CRISC (Certified in Risk and Information Systems Control)
3-5 years of progressive experience in security compliance with healthcare, medical technology, or highly regulated industries.
Proven track record of developing and implementing security strategies.
Experience with regulatory compliance in complex environments, including:
An advanced understanding of security frameworks and compliance standards
Proficiency in security tools and technologies
Experience with risk assessment and management tools
Excellent written and oral communication and interpersonal skills with the ability to explain complex security concepts to diverse audiences.
High level of integrity and confidentiality.
Working Environment
This position is preferably based in the Netherlands or the UK, but working from most EU countries is a possibility.
This position will have the ability to work remotely.
ACCOMMODATIONS
Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of the job.
Salary Range:
€65,000 - €75,000 EUR Annually
£55,000 - £65,000 GBP Annually
