Cybersecurity Auditor
US-OH-Cincinnati
US Careers
Req #: 10653
Type: Full-Time
|
|
|||||||||||
|
||||||||||||
Overview: Medpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Responsibilities: * Perform SOX, SOC2, and GxP audits; * Drive organizational alignment to the NIST Cyber Security Framework and perform annual reviews; * Mature an organizational risk management program; * Help advance the supply chain security evaluation program; * Develop and modify corporate information security policies and procedures, including writing, reviewing, and updating policy documents; * Evaluation of customer information security requirements within contracts to ensure compliance; * Complete customer security questionnaires and help maintain an information security question/answer database; * Perform customer-facing security presentations; and * Support the development of Information Security training. Qualifications: * Minimum of bachelor's degree, preferably in Information Technology. * Minimum of two years of experience in Information Security auditing or compliance activities. * Auditing and policy writing experience. * Understanding of security best practices and how to implement them business-wide. * Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2. * Vendor risk management platforms (Security Scorecard, BitSight, Black Kite, etc.). * Experience with a security information and event management system (SIEM) for audit.
Share this job:
