Caris Life Sciences Information Security GRC Engineer - Hybrid in United States

Position Summary

Working as part of the information security office within the IT department at Caris Life Sciences, we are looking for a skilled Information Security Engineer with a strong background in Governance, Risk, and Compliance. The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our organization's systems and data. Oversight will include internal cyber security assessments, third party due diligence reviews, establishing security standards and policies, managing identified security risks, and facilitating audits conducted by independent parties. In addition, the candidate should have experience in developing and managing a comprehensive GRC program to ensure compliance with industry regulations and standards.

Job Responsibilities

  • Collaborate to define IT security standards and develop supporting organizational policies.

  • Design, implement, and manage security measures to protect the organization's information assets.

  • Support vendor due-diligence process and help to lead and define overall third-party risk management efforts.

  • Work with various business units to ensure controls are adequate, appropriate, and effective.

  • Support internal and external audit process for relevant compliance concerns including HIPAA, SOX, and GDPR.

  • Conduct regular security assessments, vulnerability assessments, and penetration testing.

  • Must be skilled in analyzing system requirements for internal audit and regulatory

  • Collaborate with cross-functional teams to integrate security best practices into the development lifecycle.

  • Interface with global IT and business partners to provide guidance and support.

  • Perform periodic gap assessments to validate compliance on an ongoing basis.

  • Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

  • Proficient in developing and reviewing Information Technology security program strategy, policy, and processes.

  • Develop and implement a comprehensive GRC framework aligned with industry standards and regulatory requirements.

  • Monitor and report on security and compliance metrics to key stakeholders.

  • Develop and deliver security awareness training programs for employees.

Required Qualifications

  • Bachelor’s degree in related field or equivalent work experience.

  • 5 years in Information Security risk management.

  • Significant experience with legal and regulatory compliance standards such as SOX, GDPR, HIPAA, etc.

  • Strong analytical skills, problem solving skills, and project/program management skills.

  • Familiarity with ISMS and security frameworks, particularly NIST Cybersecurity Frameworks.

  • Strong understanding of fundamental information security concepts and technology.

  • Experience with IT GRC/IRM platforms.

  • Experience with IT governance, risk, and compliance management in a healthcare environment.

  • Conditions of Employment: Individuals must successfully complete pre-employment process, which includes criminal background check, drug screening, and reference verification.

Preferred Qualifications

  • ISACA or (ISC)2 Certification such as CISA or CRISC is a plus.

  • Thorough knowledge of enterprise-scale security architecture, cloud security, and business continuity program best practices.

  • The ability to explain security concepts to both technical and non-technical stakeholders.

Physical Demands

  • Must possess the ability to sit and/or stand for long periods of time.

  • May be required to lift routine office supplies and use standard office equipment.

Other

  • This position requires periodic travel and some evenings, weekends and/or holidays.

This job description reflects management’s assignment of essential functions. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.

Caris Life Sciences is a leading innovator in molecular science and artificial intelligence focused on fulfilling the promise of precision medicine through quality and innovation.

Caris is committed to quality and excellence at our state-of-the-art laboratories. Learn more about our tissue lab and the advanced technologies that are helping improve the lives of cancer patients.
