Information Security Analyst

Location: San Diego, CA Description: Our client is currently seeking a Information Security Analyst responsible for maintaining an effective cyber security environment,, under the direction of the Director, IS - Cyber Security. This role will work with other members of the team to assure adherence to medical device, privacy and financial regulation and responding to customer audits for products and services. The position will benchmark current cybersecurity and privacy policy, identify gaps and facilitate corporate compliance with stakeholder, while scaling the program to a global NIST/ISO risk framework to drives maturity. This senior analyst will also expand security processes and metrics to mitigate threats and meet regulatory commitments with a long-term goal of building a 3rd party attestation program

• Support FDA, MDR and global medical device regulatory cybersecurity demands with eye on immerging guidelines in key global strategic markets
• Help to maintain a comprehensive privacy program for GDPR, HIPAA and CCPA including driving privacy impact process, incident communication plan and privacy tabletop exercise
• Assist sales team with customer inquiries regarding cyber security controls in products and environments with a goal to streamline process
• Contribute to and maintain current cybersecurity standards and processes
• Generate and expand cybersecurity metrics to measure and reduce risk, identify gaps and provide executive management assurance of program effectiveness
• Build a NIST/ISO framework and map current policy and control gaps, with goal of future SSAE-18 SOC 2 Type II attestation
• Drive cybersecurity training program in key regulatory and risk areas
• Provide escalation support to all subsequent levels of security, Infrastructure and Client Services personnel
• Identify security and compliance gaps in systems and develop processes to remediate
• Ability to manage and drive projects and Carries out duties in compliance with established business policies
• Perform other duties & projects as assigned

• In depth knowledge of health care regulation and best practice for a global business
• Experience in supporting privacy related initiatives and regulations
• Experience with risk management frameworks including NIST 800-53, ISO 27002 and ISO 14971
• Experience in developing a 3rd party attestation program
• Excellent verbal and written communication skills
• Excellent customer service and interpersonal skills
• Excellent organizational and project management skills with strong attention to detail
• Strong analytical and problem-solving skills
• Ability to multi-task and work well under pressure
• Demonstrates commitment to the development, implementation and effectiveness of our Quality Management System per ISO 13485, FDA CFR 820 Title 21, and other regulatory agencies
• Understands and is aware of the quality consequences which may occur from the improper performance of their specific job.
• Has awareness of device defects that may occur in their area of responsibility, including product design, verification and validation, manufacturing and testing activities