Risk and Compliance Analyst
Security & Compliance – Information Security and Compliance /
Are you building your career in technology risk, controls, and compliance? Are you excited about the opportunity to implement compliance standards - SOC 2, FedRAMP, ISO 27001, ISO 27017, ISO 9001, GDPR and many others? Are you interested in working in a cloud environment within Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure. Are you looking to work at a fast-paced growth stage technology company? Are you interested in working in the cutting edge field of genomic precision medicine? If yes, we have an exciting position available at Seven Bridges in the Boston, Massachusetts area.
The Risk and Compliance Analyst will be a key member of the information security team, reporting to the Team Lead, Risk and Compliance. The successful candidate will bring expertise in IT general controls, auditing, compliance, a strong work ethic, and customer facing skills. The successful candidate must excel at contributing to the security team in a fast paced environment. This role requires the right blend of technical and non-technical skills, and will be working across the entire Seven Bridges organization.
What you'll be doing;
- Implement security best practices and business unit security ownership across the organization
- Assisting in collecting and reviewing documentation for third party audits
- Assist sales and pre-sales teams in responding to customer’s security and compliance related inquiries
- Work with Account Managers regarding existing customer security requests and related inquiries
- Operate key controls such as system access reviews
- Assist in coordinating investigations and responding to information security incidents
- Assist with management of existing and new third party Vendors
- Assist with development, maintenance and review of information security policies and procedures
- Development and maintain quality management system (QMS) documentation in support of pharmaceutical requirements
- Support information security awareness activities
- Support US Federal Government FedRAMP compliance as needed
- Potential Travel 10%, including Belgrade, Serbia office location
Do you have what it takes?
- Bachelor’s degree in Computer Science, Accounting, Finance, Information Systems, or related field
- Experience preferred in basic knowledge in the following audits/regulations: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, FISMA, FedRAMP, SOX 404, HITRUST CSF, HIPAA, ISO 9001, GxP, 21 CFR Part 11, GAMP 5, EU Annex 11
- Strong written and verbal communication skills and presentation skills
- Leadership, teamwork and client service skills
- Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive
- Demonstrated integrity within a professional environmentWilling to pursue CISA, CISSP, CISM certifications at a future date
- Technical audit / controls experience: Operating Systems (Linux), Databases, Web Applications
- Identity and access management (I&AM) experience
- Exposure to security technologies such as IDS, Firewalls, Anti-virus, SIEM, WAF, etc.
- Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure
- Atlassian Suite - JIRA & Confluence experience
- G-Suite business applications (docs, sheets, slides, etc)
It would be great if you had;
- Experience auditing within the pharmaceutical or healthcare industries
- Master’s degree
- Big 4 public accounting IT risk and controls experience
- Familiarity with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
- Understanding of scripting languages to include the following – python, shell, ruby, perl
- Corporate IT / Help deskDocker, Ansible, Kubernetes
- United States Government Security Clearance
- A sense of humor
What is in Seven Bridges’ DNA?
Our Mission: Seven Bridges will significantly decrease the time, cost and risk to bring new precision medicine products to market by maximizing the productivity of bio pharma/tech research and development organizations in; formulation, productization, identification, success and optimization.
Our Values: These represent who we are and what we stand for. We pride ourselves on being true to our values in everything we do. Building successful partnerships, acting with a sense of urgency, making scientists happy, acting with integrity, treating data with respect, committed to excellence, and working together
Our team and culture: With backgrounds in genomics, computer science and computational biology to sales and finance our talented team is passionate about building solutions to the most challenging problems of precision medicine. We believe that teamwork makes the dream work! By acting with empathy, supporting each other, and learning from our challenges we exemplify commitment to quality results faster.
Our perks: We offer challenging career opportunities, 401K matching, competitive benefits, unlimited PTO and an environment that recognizes and rewards performance.
Enough about us, let’s talk about you!
If you have gotten this far and are looking for the right balance of teamwork, challenge, fun and would like to help push genomics forward please send us your resume and a cover letter. If your qualifications fit the profile we are looking for, we will contact you in a timely manner.