Information Security Professional

**Introduction**

Siemens Healthineers develops MedTech products that support better patient outcomes with greater efficiencies, giving providers confidence that they need to meet the clinical, operational, and financial challenges of a changing healthcare landscape. With 70,000+ employees Siemens Healthineers is one of the world’s largest suppliers of technology to the healthcare industry. As a global leader in medical imaging, laboratory diagnostics, and healthcare information technology, we have a keen understanding of the entire patient care continuum—from prevention and early detection to diagnosis and treatment.

**Brief Description**:
An Information Security Management system is maintained to address the complex challenges and threats in the rapidly evolving digital landscape and fulfill the organization’s purpose and values. As an Information Security Professional, you will play an essential role in implementing and maintaining our Information Security requirements in accordance with ISO27001 and other relevant regulatory standards. You will gain expertise in driving implementation of various Information security topics in a cross-collaborative environment.

**What are my key Responsibilities?**
- Assist the implementation and continuous improvement of the ISO27001 Information Security Management System (ISMS).
- Conduct regular risk assessments and internal audits to ensure compliance with ISO27001 standards.
- Ensure adherence to all relevant regulatory requirements as directed by the Global Cybersecurity Governance Organization and country specific cybersecurity requirements.
- Assist to Develop and maintain policies, procedures, and process documentation to meet the Information Security requirements.
- Work closely with various departments to collect and analyze operational security measures and help integrate measures into all aspects of operations without the need for follow-ups or reminders.
- Assist project teams for information security inquiries and incident response.
- Monitor and respond to security incidents and breaches, ensuring timely resolution and documentation of incidents.
- Assist with Planning, coordinating, conducting and preparing detailed audit reports for internal and external audits to assess the effectiveness of the information security program.
- Follow up on audit recommendations to ensure timely implementation of corrective actions.
- Maintain a comprehensive audit trail for all information security activities and initiatives.

**What do I need to qualify for this job?**
- Bachelor’s degree in engineering, Information Security, Computer Science, or a related field with 4-6 years of working experience.
- Minimum of 2-3 years of hands-on experience in information security, with a focus on implementing ISO27001.
- Strong understanding of ISO 27001 requirements, information security principles, risk management, IT infrastructure set up and regulatory requirements.
- Good understanding of ISO 27701 PIMS standards.
- Proven ability to work independently and collaboratively with cross-functional teams.
- Excellent communication, presentation and interpersonal skills.
- Self-directed with an ability to take ownership and accountability of assigned tasks.
- Familiarity with Software development best practices for ensuring security.
- Previous experience with Software quality assurance responsibilities will be preferred.
- Highly Recommended to have completed Lead Implementor certification in ISO 27001 standard**.**

**What else do I need to know?