Security and Compliance Specialist

Company Description
**About Cloud DX**

Cloud DX is an industry leader in digital health care, virtual care, remote patient monitoring hardware and software. The company's award-winning solutions enable chronically ill patients to stay at home and out of the hospital, drastically improving health outcomes while, at the same time, significantly reducing costs to treat the most expensive patients in the healthcare system. Cloud DX is relentlessly committed to serving patients, driving Innovation, delivering results, and making a difference in communities across North America and globally. The Company was founded in 2014 and has grown into a leader in the Virtual Care Market in North America. The current COVID crisis has accelerated the adoption of virtual care in our markets and Cloud DX is investing in expanding our US Sales and Marketing efforts.

**Job Description**:
**The Role**

We are looking for a Compliance and Security Specialist to join our rapidly growing team. Reporting to the Head of IT, Security, Compliance and Privacy, you'll support our information security program and support the security and protection of all information entrusted to Cloud DX by its customers, partners, and employees.You will help create an organizational culture where information security is ingrained into the fabric of our standard business operations. This position will also be critical in supporting and maintaining our compliance initiatives. Currently our compliance team is small so we're looking for someone who can roll up their sleeves and jump in to support compliance, security and internal IT projects/work.

**What You'll Do**
- Support the organization's security and compliance initiatives, ensuring adherence to industry best practices, regulations, and internal policies
- Review and Update security policies and procedures as required.
- Work with the differnt business units to maintain compliance with the security program
- Assist in conducting regular risk assessments, internal audits to assess the effectiveness of security controls, policies, and procedures, and vulnerability scans to identify potential security risks and develop strategies to mitigate them.
- Collaborate with cross-functional teams to support compliance and security questions and assist with the compliance and security components of projects to ensure compliance with SOC 2.
- Assist in monitoring and analyzing security logs and alerts to identify and respond to potential security incidents in a timely manner.
- Assist with New Vendor Secuirty Assessments, Vendor Management annual reviews and management of the Vendor Managmenet program
- Stay up to date with the latest security trends, technologies, and regulatory changes, and provide recommendations for continuous improvement.
- Assist with security awareness and training programs to educate employees on best practices and ensure a security-conscious culture.
- Support and collaborate with external auditors during SOC 2 audits, providing necessary documentation and evidence to demonstrate compliance.

**Who You Are**
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Minimum of 2years of experience in security and compliance, with a focus on supporting SOC 2 audits.
- Strong knowledge of security frameworks, standards, and regulations.
- Experience with conducting risk assessments, vulnerability assessments, and penetration testing.
- Excellent understanding of cloud security principles and best practices
- Strong analytical and problem-solving skills, with the ability to think critically and make sound decisions.
- Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
- Relevant certifications, such as CISSP, CISA, or CISM, are highly desirable.

**Bonus Experience**
- Experience with ISO 13485, ISO 270001
- Policy Development
- Project Management experience with Security and IT projects

Additional Information