Job
Description
As a passionate member of Advarra, you will play a crucial role in overseeing the information security compliance program for the relevant region. Your responsibilities will include identifying areas of non-compliance and directing corrective action while serving as a consultant and advisor to regional site leadership on information security and related matters. You will take the lead in initiating, facilitating, and promoting activities that enhance information security awareness within your area of responsibility. Your role at Advarra will involve fostering a culture of cybersecurity within the organization, driving behavioral changes for the business, and providing insightful reports and communications to regional and site-level leadership on security trends and statistics. You will also be instrumental in assisting the Chief Information Security Officer (CISO), Security Operations Lead, Privacy, and Compliance in responding to regional security incidents and potential breaches of electronic protected health information (ePHI) and electronic personally identifiable information (ePII). In addition to these duties, you will be responsible for developing and implementing risk management strategies and corrective action plans for your designated region or business area. This will involve conducting risk assessments, analyzing potential risks, and implementing mitigation and remediation measures. You will also coordinate both external and internal security and privacy audit controls to monitor activity on electronic systems containing sensitive information. Furthermore, you will ensure that disaster recovery, business continuity, risk management, and access control needs are documented and addressed for your region or business area. You may also lead strategic projects with regional and national scope, such as Data Leak Protection, Vulnerability Management, and Phishing Simulation reporting. This individual contributor role does not involve managing direct reports and requires a Bachelor's degree in computer science, information systems, or a related field, along with 5-10 years of experience leading an information security program. A CISSP or CISM certification is preferred, and experience in regulated industries such as Life Science, Health Care, or manufacturing is beneficial. Your ability to lead audits and assessments related to ISO27001, HIPAA, and HITRUST, as well as experience in vendor and product selections, will be valuable in this role. Located in Bengaluru, India, this position offers a hybrid work option. While CRISC, CGEIT, CISA GSEC, and GCIH certifications are helpful, they are not mandatory. The role may involve sitting or standing for extended periods, carrying objects, and focusing on tasks with verbal communication skills being essential for effective collaboration.,
