Information Security Officer

Medison offers hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets.

As the creator and leader of the global partnership category in the pharma industry we strive to be Always Ahead and work relentlessly to bring therapy to patients in need no matter where they live.

The Information Security Officer (ISO) at Medison Pharma will be responsible for developing updating and maintaining the organizational information security management framework including policies procedures and work plans. The ISO will provide consulting services on relevant solutions and products and lead the improvement and development of the information security field.

Additionally the ISO will manage projects related to the examination and implementation of new information security products and characterize information security solutions for related projects. The ISO will also advise on compliance with privacy and cyber protection laws and regulations conduct information security and privacy protection surveys and oversee ISO 27001 compliance focusing on all aspects of cybersecurity within Application Security (AppSec) Infrastructure Security (DevSec) Governance Risk and Compliance (GRC) Security Information and Event Management (SIEM)/Security Operations Center (SOC) incident response and IT security.

• Develop update and maintain a cybersecurity strategy.
• Manage a risk-based cybersecurity program to secure corporate IP technology information computer systems networks and data.
• Provide guidance on proposed cybersecurity best practices to different business functions.
• Develop comprehensive cybersecurity guidance processes and procedures based on industry standards.
• Stay informed on trends and issues in the security industry including current and emerging technologies and regulatory and compliance issues.
• Advise counsel and educate executive and management teams on the importance of cybersecurity.
• The position reports to Medisons CISO

Requirements :

• 5 years of experience as an ISO with a focus on reviewing and recommending security business solutions (GRC).
• Experience in a large global company.
• Certifications in one or more of the following areas: CISO CISM GISO IAM CISSP.
• Demonstrated knowledge of recognized security industry standards and leading practices (e.g. SOX ISO 27001/2/3 ISO 27018 GDPR PCI OWASP NIST DISA CIS etc.).
• Broad knowledge of cybersecurity technologies solutions and tools (e.g. encryption technologies SIEM DLP etc.).
• Strong knowledge of cloud technologies platforms and services.
• Broad knowledge of operational and security processes/controls (e.g. vulnerability management patch management configuration management access management etc.).
• Previous experience as a system administrator and/or security administrator is an advantage.

Additional qualifications:

• Ability to learn understand and apply new technologies.
• Strong analytical and problem-solving abilities.
• Excellent written and verbal communication skills.
• Fluent in English both written and verbal.
• Exceptionally self-motivated directed and detail-oriented with a strong sense of ownership.
• Ability to work independently in a highly complex and dynamic environment.

Remote Work :

Yes

Employment Type :

Full-time