
Assistant Manager, IT Compliance

Requisition Number:  25350
Location: Trevose, PA, US

International SOS is the world’s leading medical and security services company with over 12,000 employees working in 1,000 locations in 90 countries. We were founded on the principle of putting our clients’ employees first, and this is still true today. Led by 5,200 medical professionals and 200 security specialists, our teams work night and day to find solutions to protect our clients and their employees in whatever situation they may be facing; we assess, advise and assist from a medical, security and logistical perspective on a global scale to protect and save lives and thereby enable our clients to achieve their business goals. As we’ve delivered on this mission over the last 35 years, we have become the market leader in global telehealth services and digital health solutions for an extensive client base of Fortune 500 companies, NGOs and governments around the world.

Job Description:

In this role, the candidate will facilitate overall management of all aspects of the client assurance program (questionnaires, agreements and audits) and the SOC 2 Type II assessment for the organization (Aspire AMEX, Aspire Lifestyles and International SOS), delivered on time. This candidate will lead IT compliance discussions with customer security points of contact, support sales, BDMs and the commercial desk on contract reviews, and be the customer’s voice in the ISMC.

Essential Job Duties and Responsibilities:

Information Security Compliance

  • Prepare the compliance dashboard to show effort vs. workload and follow-up tasks/pending items on customer compliance on a monthly basis, and support the IT Compliance Manager in presenting it in security forums such as the security steering committee, data protection committee and information security management committee.
  • Support the IT Compliance Manager and work closely with technical team members from systems, applications, information security, project management, data protection, the commercial desk and the sales team.
  • Provide expert opinion on information security policies to ensure that these are updated based upon new security trends, customer needs, incident trends and legal or regulatory requirements.
  • Coordinate the annual SOC 2 Type II Assessment for International SOS and Aspire Lifestyles. Coordinate globally with all responsible parties in HR, IT, Sales, Service Delivery and Facilities for evidence collection and submission.
  • Coordinate with external auditors and ensure that the SOC 2 Type II Assessment for International SOS, Aspire Lifestyles and Aspire AMEX is completed on an annual basis.
  • Prepare the SOC 2 Type II security compliance dashboard for the organisation, report and follow up on all open audit action items, and ensure successful closure of open findings.


Client Questionnaire, Audits and Contract/ Service Agreement Reviews

  • Establish and operate an effective client questionnaire response knowledgebase. Ensure that all client questions are answered within 5 business days and follow-up questions within 2 business days.
  • Ensure that required information security certification programs (SOC 2 Type II, ISO/IEC 27001 Certification, TRUSTe Certification, HIPAA Compliance and PCI DSS certification) are used effectively to reduce the workload related to client questionnaires.
  • Draft, update and maintain an up-to-date ISMS Narrative and other security overview documents, and use them to position group information security in client audits. Escalate to other internal team leads/department heads on potential security-related issues that could lead to loss of potential business contracts.
  • Participate in and lead client contract reviews; adjust and propose security compliance requirements to reduce the added risk and workload for internal team members by reducing the compliance requirements and managing them through existing certifications and internal assessments (SOC 2 Type II, ISO/IEC 27001 Certification, TRUSTe Certification).
  • Prepare the client questionnaire, audit and contract dashboard for the organisation, report and follow up on all open audit action items, and ensure successful closure of open findings.


Cross Functional Coordination

  • Coordinate with various teams to support information security governance, Information Security Compliance Management, Vendor Risk Management and Assessments, Client Questionnaires, Audits and Contract/Service Agreement Reviews.

Required Skills and Knowledge:

  • Minimum 4 to 8 years of information security compliance and risk management work experience, with broad exposure to all aspects of IT security audit planning, audit methodologies, risk management methodologies and contract reviews.
  • Expert in establishing information security risk management, governance, compliance and audits in different regions and business units from scratch and achieving maturity over the next 2 years. Expert-level knowledge in at least one industry standard or best practice such as SOC 2 Type II, ISO/IEC 27001 Certification, HIPAA Compliance or PCI DSS.
  • Good exposure to and knowledge of IT security technologies and best practices.
  • Excellent business communication skills.
  • Ability to work in a multicultural and multi-geographical environment.
  • Ability to work autonomously or as part of a team, within targets and deadlines.

Required Qualifications:

  • Degree/Master’s Degree in information security, information technology or a related discipline.
  • At least one certification from: ISO 27001 Lead Auditor, CISA, HIPAA Expert, SOX Expert Certification.

Required Languages:

  • Excellent written and spoken English

Covid-19 Vaccination Policy

International SOS requires its employees to be fully vaccinated against COVID-19, where allowable under the law, unless the employee is approved for a reasonable accommodation based on medical conditions or a sincerely held religious belief that prevents the employee from being vaccinated.


  • If you are vaccinated, you are required to provide proof of your vaccination status within the first 30 days of your employment. Failure to provide timely proof of your COVID-19 vaccination status will result in the termination of your employment with International SOS.
  • If you are unable to be fully vaccinated due to a medical condition or sincerely held religious belief, you will be required to apply for a reasonable accommodation within the first 30 days of your employment in order to remain employed with International SOS. As a part of this process, you will be required to provide information or documentation about the reason you cannot be vaccinated and you will undergo weekly testing if working in one of our offices. If your request for an accommodation is not approved, then your employment may be terminated.

International SOS is an equal opportunity employer and does not discriminate against employees or job applicants on the basis of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws.
