We are an innovative startup in the clinical development space, leveraging AI to design smarter and more efficient clinical trials for pharmaceutical companies. We're on a mission to revolutionize the way clinical trials are conducted, making them faster, cheaper, and more effective. What sets us apart is our unique ability to integrate vast amounts of patient data and leverage biological insights within our machine learning models, allowing us to predict clinical trial outcomes with a high degree of accuracy.
We are committed to maintaining the highest standards of data security and regulatory compliance to ensure the safety and efficacy of our solutions. As such, we are seeking an experienced and detail-oriented Information Security Officer who will take a hands-on approach to spearhead our compliance initiatives. This role is crucial for attaining and maintaining SOC2 compliance and ensuring adherence to all relevant regulations and standards.
Key Responsibilities:
- Compliance: Lead the end-to-end process of obtaining and maintaining SOC2 compliance and ISO 27001 certification including scoping, gap analysis, remediation, documentation, and audit coordination.
- Regulatory Adherence: Ensure ongoing compliance with healthcare regulations such as HIPAA, GDPR, and other relevant standards.
- Risk Management: Conduct regular risk assessments and develop mitigation strategies to manage and reduce potential compliance risks.
- Policy Development: Create, update, and enforce company policies and procedures to align with industry standards and regulatory requirements.
- Data Governance: Establish and oversee frameworks and practices for data governance to ensure the availability, usability, integrity and security of the data in enterprise systems.
- Access Control: Develop and manage access control policies, procedures, and technologies to ensure that only authorized individuals have access to sensitive information.
- Training & Awareness: Design and deliver training programs to educate employees on compliance requirements, data protection, and information security protocols.
- Documentation: Maintain detailed records of compliance activities, audit findings, and remediation efforts.
- Audit Coordination: Act as the primary point of contact for internal and external auditors, providing them with necessary documentation and support.
- Vendor Management: Assess and monitor third-party vendors for compliance with our standards and regulatory requirements.
- Customer Requirements: Serve as the primary point of contact for customers regarding vendor qualification and compliance-related inquiries.
- Continuous Improvement: Stay updated on changes in relevant regulations and industry standards to ensure the company’s compliance programs are current and comprehensive.
Qualifications:
- Education: Bachelor's degree in a relevant field (e.g., Information Security, Computer Science). A compliance-specific certification (e.g. CISA, CISM, CHC) is a plus.
- Experience: Minimum of 3-5 years of hands-on experience in a compliance role, preferably within a SaaS or healthcare setting.
- Knowledge: Strong understanding of SOC2, HIPAA, GDPR, and other relevant regulatory frameworks.
- Technical Skills: Knowledge of information security principles, risk management methodologies, and compliance software/tools.
- Communication: Excellent written and verbal communication skills to effectively convey compliance requirements and reports.
- Attention to Detail: Highly detail-oriented with strong analytical and problem-solving skills.
- Proactivity: Self-motivated with the ability to work independently and take the initiative in a fast-paced environment.
What We Offer:
- Competitive salary and equity options.
- A collaborative, inclusive, and dynamic work environment.
- Opportunities for professional growth and development.
- The chance to work on cutting-edge AI technology that is transforming clinical trials.
Notes:
- We understand that no candidate may fulfill 100% of the qualifications. Trust your experience and apply! We value individuals who are passionate about learning and are eager to bridge any knowledge gaps through their work.
- At QuantHealth, we believe in creating an inclusive and diverse work environment where everyone can thrive and contribute to our shared goals. We welcome applicants from all backgrounds and experiences.
- For Israel-based applicants, our office is in Tel Aviv and we mix remote and in-office work. Most of the team is there twice week and works from home the remaining days.
- For US-based applicants, you would be fully remote. Note that we already have multiple remote team members and our processes are adapted to remote work.
