OSI Systems, Inc. Information Security & Compliance Analyst in Snoqualmie, Washington
At Spacelabs Healthcare, we are on a mission to provide continuous innovation in healthcare technology for better clinical and economic outcomes. Our scalable solutions deliver critical patient data across local and remote systems, enable better-informed decisions, increase efficiencies, and create a safer environment for patients.
Why work at Spacelabs? Because lives depend on you!
The Information Security & Compliance Analyst is responsible for contributing to and executing on the Security Certification strategy as defined by Spacelabs Leadership. This consists of maintaining existing third-party assurance programs already held by Spacelabs, as well as driving the analysis and adoption of new programs as directed by Spacelabs leadership. This role will also effectively monitor Spacelabs controls by understanding the intent and implementation of controls, and drive changes within the organization through effective testing. This position reports to the Cybersecurity Information Office for Spacelabs and works with a global cyber security team, interfacing with OSI corporate.
Support and lead various third-party assurance programs including ISO 27001, SOC 2 Type II, FedRAMP and more.
Perform activities to help measure and monitor compliance with company policies and procedures.
Facilitate customer and certifier requests and information gathering for audit activities and lead onsite audits.
Successfully project manage and drive testing activities across various teams within the organization.
Uphold the company’s core values of Integrity, Innovation, Accountability, and Teamwork.
Demonstrate behavior consistent with the company’s Code of Ethics and Conduct.
It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem.
Duties may be modified or assigned at any time to meet the needs of the business.
8+ years working in the field of IT compliance or IT audit.
Bachelor's degree in relevant study.
Practical working involvement in, and a successful history of, facilitating and delivering cloud security certifications such as ISO 27001, SOC 2 Type II or FedRAMP.
Deep understanding of common certifications and attestations, including ISO 27001, SSAE18 SOC 1, SOC 2, HITRUST, ISO 27701+.
Prior experience working in the Security and Compliance group at a SaaS/Cloud company or with the Security & Risk practice of a Big 4 audit firm.
Relevant professional certifications such as CISSP, CISA, CISM, CIPP, GIAC, PMP.
Strong organizational skills, attention to detail and ability to multi-task.
Prior experience with GRC systems preferred.
Ability to understand the intent of compliance requirements to provide effective and meaningful analysis.
Excellent verbal, written, and presentation skills.
Demonstrated ability to work as part of a team.
Able to reliably complete assignments with limited supervision, and to help lead the actions of others to accomplish complex or extended work assignments.
Experience performing Project Management responsibilities to plan and track execution of assigned workload.
Experience working in a global environment across multiple time zones.
Domestic and international travel required; must be able to acquire all necessary travel documents.
May be required to complete US federal background check and requirements for access to US government facilities and/or government IT networks.
NOTICE TO THIRD PARTY AGENCIES
OSI Systems, Inc. and its subsidiaries (collectively “OSI”) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.
Equal Opportunity Employer
EEO is the Law
Poster Link: http://www1.eeoc.gov/employers/upload/eeocselfprint_poster.pdf
OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.
Requisition #: 21120
External Company URL: www.osi-systems.com
Street: 35301 SE Center Street