Director of Information Security & Governance (Remote) - Life science/Pharma Background only

  • Full-time

Company Description

Signant Health is a specialty services and clinical trial technology provider dedicated to helping bio-pharmaceutical sponsors and Contract Research Organizations. It was started in 2000 and is headquartered in Pennsylvania. Initially formed as CRF Health in 2000, it is an evolution built on more than 20 years of proven clinical research technology. Recently, CRF Health and Bracket merged to form Signant Health.

Job Description

Signant Health is seeking to hire a Director of Information Security, Compliance and Risk Management coming from a Pharmaceutical background who will oversee the Information Security Programs and ensure security and governance controls appropriate to the level of risk associated with the technology Signant Health operates. In this role, you will establish and lead all aspects of Signant Health's Information Security, Compliance and Risk Management program, including driving strategic direction, implementation and day-to-day operations of controls. You will work closely with other partners across various teams (Legal, Sales and Support, Product, Services, Operations and IT) to ensure Signant Health's security and compliance postures are robust and exceed all applicable standards. You will drive security audit and compliance initiatives to clearly identify control objectives and work with technical teams to meet or exceed them with effective evidence gathering for internal and external audits. Absolutely key is that this role represents the organization's security and compliance to clients and partners.

Key Accountabilities/Decision Making & Influence

You will also proactively identify current and emerging threats to our systems and environment to prevent incidents where possible and actively manage them as necessary. You must have experience working in a dynamic, fast-paced environment and be ready to leverage multiple forms of communication to articulate complex concepts with proficiency to both technical partners and executive management.

Qualifications

  1. Track record of independently performing information security and gap assessments and audits.
  2. Experience in incident response - capable of leading IR process.
  3. Information Security Certifications (CISSP (required), CISM, CRISC, CCSP) and/or other related security certification. Privacy Certifications (CIPP, HCISPP) and/or other privacy certification. ITIL or PMP Certification. Have CISSP (required), CCSP, CISM, CRISC or an equivalent professional security qualification.
  4. Evidence that you are considered one of the Subject Matter Experts in all facets of the role.

 

Experience with multiple compliance areas such as SOC, SSAE, HIPAA, ISO 27001, GDPR and NIST. Awareness of relevant data protection laws and regulations (e.g. EU Directives and GDPR, CCPA in the US or other similar legislation).