Careers

Regulatory Specialist

The Regulatory Specialist is responsible for identifying and implementing necessary to process changes to maintain ISO27001 and SOC2 type 2 certifications. The Regulatory Specialist will assist in proactively identifying possible security and privacy concerns and inadequate systems that can negatively impact patients and customer satisfaction. The Regulatory Specialist is also responsible for leading improvement initiatives based on their findings.

Responsibilities:

Understand and remain current on applicable InfoSec, PHI and privacy regulations in North America, Europe, Israel and other geographies as required
Develops and maintains strong working relationship with internal teams, especially INFOSEC and Privacy.
Raise Intelerad privacy and security maturity level
Maintain up-to-date ISMS procedures and ensure they are being applied.
In conjunction with InfoSec, lead integration of such SOPs.
Gain an understanding of normal work process and any gaps that may exist between actual practice and established procedures as per privacy and InfoSec regulations
Participate in the definition and implementation of any new privacy and security policies, practices and controls.
In collaboration with the privacy compliance manager, follow-up on information security or privacy incidents, and propose improvement solutions to prevent breaches, events and weaknesses
Coordinate and participate in external and internal ISMS audits (ISO 27001 and SOC 2) and coordinate corrective and preventive actions
Document outputs of post-marketing surveillance activities related to the uptime of cloud-based solutions and share it with appropriate stakeholders and follow-up on action items raised during these activities
Collaborate with internal teams to document trends and risks in order to develop, implement and lead initiatives that will improve Intelerad s security and risk profile
Ensure that documented processes are followed in a consistent, timely and efficient manner
Acts as technical expert on client-based security surveys, and assists in completing them
Coordinate incident post-mortem and track corrective and preventive actions related to it
Maintain up-to-date security and privacy training material

Qualifications

Required Experience/Skills:

Bachelor s degree in InfoSec, business, quality management or related fields (or equivalent certification)
Minimum 3 years experience in information security management system(s)
Knowledge of ISO-27001 and SOC 2 certification
Experience in the IT field, software development, medical and/or cloud hosting
Training in quality management and quality improvement
Knowledge of MS Office, Google Suite and Visio (or similar workflow tool)
Strong verbal and written communication skills in English and Hebrew.
Well-organized and project-oriented

Junior Regulatory Specialist

If you are looking to start your career in Cybersecurity and Compliance this is your starting point.

Responsibilities:

Understand and remain current on applicable InfoSec, PHI and privacy regulations in North America, Europe, Israel and other geographies as required
Develops and maintains strong working relationship with internal teams, especially INFOSEC and Privacy.
Raise Intelerad privacy and security maturity level
Maintain up-to-date ISMS procedures and ensure they are being applied.
In conjunction with InfoSec, lead integration of such SOPs.
Gain an understanding of normal work process and any gaps that may exist between actual practice and established procedures as per privacy and InfoSec regulations
Participate in the definition and implementation of any new privacy and security policies, practices and controls.
In collaboration with the privacy compliance manager, follow-up on information security or privacy incidents, and propose improvement solutions to prevent breaches, events and weaknesses
Coordinate and participate in external and internal ISMS audits (ISO 27001 and SOC 2) and coordinate corrective and preventive actions
Document outputs of post-marketing surveillance activities related to the uptime of cloud-based solutions and share it with appropriate stakeholders and follow-up on action items raised during these activities
Collaborate with internal teams to document trends and risks in order to develop, implement and lead initiatives that will improve Intelerad s security and risk profile
Ensure that documented processes are followed in a consistent, timely and efficient manner
Acts as technical expert on client-based security surveys, and assists in completing them
Coordinate incident post-mortem and track corrective and preventive actions related to it
Maintain up-to-date security and privacy training material

Qualifications

Required Experience/Skills:

Bachelor s degree in InfoSec, business, quality management or related fields (or equivalent certification)
Basic Knowledge of ISO-27001 and SOC 2 certification
Basic Experience in the IT field, software development, medical and/or cloud hosting
Knowledge of MS Office, Google Suite and Visio (or similar workflow tool)
Strong verbal and written communication skills in English and Hebrew.
Well-organized and project-oriented

Cybersecurity Risk Assessment Specialist

The Cybersecurity Risk Assessment Specialist is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with customer’s data security policy.

Responsibilities:

Work with business unit point persons to perform Cybersecurity Inherent Risk Assessments based on the Cyber Assessment Tools and methodologies.
Collect domain-level assessment results and work with control owners to perform enterprise-wide cybersecurity Control Effectiveness Assessments based on the Cyber Risk Profile
Leverage the control effectiveness and maturity ratings in the Cyber Risk Profile to deduce the Residual Risk Ratings for the inherent risk
Perform ad-hoc cybersecurity capability /maturity assessments, frequency and impact analysis in response to regulatory requirements and industry standards (OCC, FRB, FINRA, MAS, HKMA, PRA, NIST, ISO, COBIT, etc.).
Identify and report /escalate significant compliance and control issues, and help develop solutions by working closely with program owners. Help address info security control gaps through in-depth root cause analyses. Work with issue owners and control officers to monitor the progress of corrective action plans and risk exceptions. Provide management visibility of corrective actions that are at risk of missing plan. Drive the periodic discussion with second and third lines of defense to make sure there is clear understanding of corrective action scope by all stakeholders.
Assist in the management of audits, business monitoring, certification and other Regulatory, Internal and External Audit activities. Keep all stakeholders abreast of audit status by being the primary contact for CISO audits. Ensure predefined audit methodologies are followed. Facilitate factual accuracy discussions. Coordinate audit finding responses. Ensure there is no surprise in the audit report for all stakeholders.

Qualifications:

Hands-on experience with enterprise-wide or business unit level cybersecurity risk assessments.
Hands-on knowledge of technology, security risk and compliance best practices such as Cyber Risk Institute Profile, FFIEC Cybersecurity Assessment Tool (CAT) and Info Security Handbook, MITRE ATT$CK, Factor Analysis of Information Risk (FAIR), Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE), NIST Cyber Security Framework (CSF), COBIT, ISO/IEC 27001/27002, etc.
Hands-on knowledge of ServiceNow GRC or other GRC tools.
Understanding of global regulatory and legal requirements for cyber risk
Ability to apply understanding of business processes and technical skills to successful completion of projects.
Excellent communication, written and oral, interpersonal and presentation skills to technical and business audiences in a constantly evolving environment.
Demonstrated experience in critical thinking and problem solving in high pressure situations.
Self-motivated, the ability to manage multiple projects under strict timelines, accepting ownership and accountability of the processes, multi-tasking skills, deliver on commitments, and a team player.
Professional certification desirable: CISSP, CISM, CRISC, CISA

Education:

Bachelor’s degree/University degree or equivalent experience

Cyber Security Analyst

Are you passionate about working with the best information security team ?

The Cyber Security Analyst will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. This position will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators.

Responsibilities include, but are not limited to:

Provides leadership in assessing new threat vectors and designing and implementing effective controls
Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools
Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives
Responsible for mentoring and developing the skill sets of less experienced team members
Develops and implements processes or controls in support of audit and risk requirements

Required Skills:

Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network based bank assets.
Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers.
Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs.
Working knowledge of Linux, Windows, and OS X operating systems.
Comfortable with scripting languages and regular expressions
Strong knowledge common network protocols
Working knowledge of enterprise Client / Server architecture
The analyst will use new intelligence to update existing controls to detect new threas.
Will be expected to have solid technical skills to operate independently and to support others within the security team

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.