Specialist, Information Security

Specialist, Information Security

Apply

Locations: Halifax, Canada
Time Type: Full Time
Posted On: Posted 2 Days Ago
Job Requisition ID: JR_037219

The Information Technology (IT) team plays a key role in providing business enablement throughout ResMed. We are focused on application, infrastructure, and user productivity solutions, with innovation, efficiency and security. Our goal is providing customer-oriented agile delivery, effective business partnership and state-of-the-art technology solutions.

This position is part of the Global IT Security team at ResMed, dedicated to maintaining the integrity and security of the company's information and global computing infrastructure. We are looking for a proactive Third-Party Risk Management Specialist to join our Global Enterprise Security Services team. In this business-facing role, you will be instrumental in managing third-party risk and securing our vendor relationships. The ideal candidate should have a deep understanding of vendor security evaluations and IT security risk management, as well as practical experience with security assessment tools. You will collaborate closely with IT leadership, business units, executive teams, and key stakeholders to align security strategies with business goals. This role necessitates significant collaboration across diverse cultures and time zones.

Let’s talk about Responsibilities

1. Conduct and oversee thorough security assessments of third parties, ensuring they meet the highest security standards and regulatory requirements.
2. Perform IT Security Risk Assessments and manage associated risks from third-party vendors.
3. Ensure adherence to internal security policies as well as international standards and regulations such as ISO 27001, NIST, SOC 2, HIPAA, GDPR, and PCI/DSS.
4. Utilize advanced TPRM tools to carry out assessments and produce reports.
5. Collaborate with business units to effectively communicate findings and recommendations, ensuring they align with organizational objectives.
6. Stay informed about the latest trends and developments in security, cloud security, and third-party risk management.
7. Encourage a culture of continual learning and development within the team by exploring modern technologies like GenAI, Machine Learning, DevSecOps, Data Lakes, Analytics, etc.
8. Provide regular updates to senior management on the status of security initiatives, risk assessments, and compliance efforts.

Let’s talk about Qualifications and Experience

Required:

1. Practical experience conducting security assessments for third parties.
2. Extensive knowledge of vendor security evaluations and IT security risk management frameworks.
3. Understanding of security standards, frameworks, or regulations like ISO 27001, NIST, SOC 2, CIS, HIPAA, GDPR, and PCI/DSS.
4. Familiarity with security controls such as Authentication, Authorization, Encryption, Firewalls, WAF, DLP, SIEM, Incident Management, Change Management, Business Continuity, Disaster Recovery, and Endpoint Protection.
5. Strong communication and presentation abilities, capable of effectively engaging with business stakeholders.
6. A proactive attitude with a keen interest in learning and advancing in the field of information security.

Preferred:

1. Bachelor’s degree in computer science or related field.
2. Master’s degree or security certifications (e.g., CISM, ISO27001 LA, AWS Security, etc.).
3. Minimum 2 years of experience in IT security risk assessment and management.
4. Exposure and knowledge of cloud environment (AWS, Azure) and SaaS security.
5. Experience within a manufacturing firm in the healthcare industry.

Joining us is more than saying “yes” to making the world a healthier place. It’s discovering a career that’s challenging, supportive and inspiring. Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates. If this sounds like the workplace for you, apply now! We commit to respond to every applicant.

About Us

At ResMed (NYSE: RMD, ASX: RMD) we pioneer innovative solutions that treat and keep people out of the hospital, empowering them to live healthier, higher-quality lives. Our digital health technologies and cloud-connected medical devices transform care for people with sleep apnea, COPD and other chronic diseases. Our comprehensive out-of-hospital software platforms support the professionals and caregivers who help people stay healthy in the home or care setting of their choice. By enabling better care, we improve quality of life, reduce the impact of chronic disease and lower costs for consumers and healthcare systems in more than 140 countries. To learn more, visit ResMed.com and follow @ResMed.

ResMed Corporation is an equal opportunity employer and provides equal opportunity in employment for all qualified persons, without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

(US/Canada only) ResMed is an equal opportunity/affirmative action employer. ResMed is an E-Verify Employer. ResMed is a smoke-free workplace.

We are a 2024 Circle Back Initiative Employer – we commit to respond to every applicant!