Information Security Specialist/GRC Specialist

Join us today and make a difference in people's lives!
 

LivaNova is a global medical technology company built on nearly five decades of experience and a relentless commitment to improving the lives of patients around the world. Our advanced technologies and breakthrough treatments provide meaningful solutions for the benefit of patients, healthcare professionals, and healthcare systems.  The company is listed on the NASDAQ stock exchange under the ticker symbol “ LIVN .”  LivaNova is headquartered in London (UK) with a presence in over 100 countries and a team of more than 3,000 employees worldwide.

The Information Security – Specialist will be responsible for identifying, analyzing, and influencing the management of information risks across the organization. These skills and competencies include:

Responsibilities:

• Identifies and facilitates implementation of appropriate controls to effectively manage information risks as needed.

• Performs focused information risk assessments of existing or new services and technologies, along with business counterparts.

• Communicate risk assessment findings to team owners and custodians of information risk business partners, or information governance and information security teams.

• Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.

• Lead planning and execution of compliance requirements by evaluating, documenting, and testing internal control systems related to accurate and timely financial reporting (SOX compliance) and liaise with external auditors.

• Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.

• Help provide security communication, awareness, and training for audiences, which may range from senior leaders to field staff.

• Support the promotion activities to build awareness of information Policies, Standards, Processes, and good practices through communication and training for specific audiences such as Information Owners and IT administrators.

• Maintains strong working relationships with individuals and groups involved in managing information risks across the organization.

• Provides consultative advice to information technology, governance or security teams that enables them to suggest informed risk management decisions.

• Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.

• Help support the Information Security Director to manage security projects and provide expert guidance on security matters for IT projects.

• Create and maintain information security management system documentation as needed.

Education, Training and Previous Experience

Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• BS in Business, Computer Science, Information Security, or a related field

• 5-7 years of work experience in information security, in an information risk analysis or IT audit role, preferred.

• 5-7 years of experience with information security management frameworks (e.g., International Organization for Standardization ISO/IEC 27001/27002, COBIT, National Institute of Standards and Technology (NIST) 800, COSO) preferred.

• Certification such as Certified Information Systems Security Professional (CISSP) or the Certified Information Systems Auditor (CISA) preferred.

• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.

• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies.

• Experience developing and maintaining policies, procedures, standards and guidelines.

• An understanding of operating system internals and network protocols.

• Experience in system technology security testing (vulnerability scanning and penetration testing).

• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.

• Familiarity with applicable legal and regulatory requirements, including, but not limited to, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA), the European Union Privacy Directive, GDPR etc.

Pay Transparency: A reasonable estimate of the annual base salary for this position is $110,000 - $160,000 + discretionary annual bonus. Pay ranges may vary by location.

Employee benefits include:

• Health benefits – Medical, Dental, Vision

• Personal and Vacation Time

• Retirement & Savings Plan (401K)

• Employee Stock Purchase Plan

• Training & Education Assistance

• Bonus Referral Program

• Service Awards

• Employee Recognition Program

• Flexible Work Schedules

Our commitment to Diversity & Inclusion:

LivaNova values equality and celebrates diversity. We are committed to ensuring that our recruitment process is fair, transparent and free from unlawful discrimination.

Our selection process is driven by the key demands/requirements for the role rather than bias or discrimination on the basis of a candidate’s sex, gender identity, age, marital status, veteran status, non-job-related disability/handicap or medical condition, family status, sexual orientation, religion, color, ethnicity, race or any other legally protected classification.

Notice to third party agencies:

Please note that we do not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Services Agreement, we will not consider, or agree to, payment of any referral compensation or recruiter fee. In the event that a recruiter or agency submits a resume or candidate without a previously signed agreement, we explicitly reserve the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.

Beware of Job Scams:

Please beware of potentially fraudulent job postings or suspicious recruiting activity by persons posing as LivaNova recruiters or employees. The scammers may attempt to solicit confidential, personal information, such as a social security number, or your financial information. LivaNova will never ask for fees prior/during/after the application process, nor will we ask for banking details or personal financial information in return for the assurance of employment. If you are concerned that an offer of employment might be a scam or that the recruiter is not legitimate, please verify by searching for “See Open Jobs” on https://www.livanova.com/en-us/careers, and check that all recruitment emails come from an @livanova.com email address.