IT Security & Compliance Specialist

Ashfield Healthcare Communications Ltd
Macclesfield, UK
04 Aug 2019
27 Aug 2019
Contract Type
Full Time
Ashfield Healthcare Communications are looking for an IT Security & Compliance Specialist. Applicants must be comfortable working in a fast-paced environment while striving to exceed customer's expectations.

The purpose of this role is to ensure Ashfield Healthcare Communications (AHC) continues to provide high quality support services to its internal customers and ensuring IT Security & compliance in an increasingly demanding environment.

The successful candidate will have responsibility for the management of IT Security & Compliance within AHC & responding to and reporting on all compliance & risk related matters (including external audits).

They will work closely with the Group IT Security Lead and Information Security Analyst & AHC Compliance Lead.

Key responsibilities & Accountabilities:
  • Overall responsibility for ensuring the upkeep and alignment of AHC Policies & guidelines with Group, AHC Business Compliance and changing external requirements.
  • Identification and management of Key IT risks and reporting into AHC Business Risk Process.
  • Working with Group & AHC to ensure appropriate application of policies and guidance across the AHC estate.
  • Tracking & Reporting any Security or Compliance incidents and developing remediation plans (where required).
  • Carries out third party risk assessments, assessing supply-chain risk and responding to client security questionnaires.
  • Overseeing External Annual Penetration Testing, development of remediation plan & working with the various IT teams to ensure delivery to plan.
  • Developing education material and communications for AHC staff regrading Security and Compliance related issues.
  • Overall responsibility for handling requests for exceptions within the AHC IT environment and liaising with Group as/where necessary on these.
  • Providing Input to AHC Client MSA submissions regarding IT questions.
  • Working with Group Internal Audit to define & agree Internal Audit schedule, oversee the audit process & reporting and development & management of remediation plans.
  • Participation in Client Audit requests & data submissions.
  • Working closely with the Group Security Analyst in relation to Security reporting, investigation and remediation's.
  • Working with the wider AHC IT team to ensure all systems, processes and documentation are meeting Security & compliance requirements.
  • Annual review of all Policies, SOPs & WIs for compliance update requirements.

Competencies & Experience required:

You must have experience working in a similar role with the following:
  • Expertise in IT Security and an understanding of IT Security technologies and tools (e.g. Mimecast, Tenable, Palo Alto, end Point Security, Encryption, use & identify management).
  • Good understanding of Pharma Compliance (although AHC is not regulated, its Clients are so a good understanding of these is required).
  • Experienced in writing policies and procedures.
  • Broad understanding of IT infrastructure (Network & Server) & security related components.
  • Possesses strong analytical and diagnostic skills.
  • Demonstrates skills in communication, collaboration, relationship building in a global matrix organisation.
  • Proven ability to deliver against tight timelines in a high pressure organisation.
  • Excellent presentation and communications skills, to effectively communicate with management and clients.
  • Ability to clearly articulate complex concepts both written and verbally.
  • Ability to handle critical incidents effectively and under pressure.
  • Enthusiastic and highly adaptable with a willingness to learn & flexible in application.

  • Minimum of five years' IT security experience.
  • Bachelor's degree in information systems or equivalent work experience.
  • Holds or is working towards ISC2 SSCP or SANS GSEC certification.

Similar jobs

Similar jobs