IT Compliance Specialist

  • Full-time

Company Description

International SOS is the world’s leading international health care, medical assistance and travel security risk services company with over 11,000 employees. We provide a world-class offering for travellers and expatriates. Every single day we are making a difference in people’s lives and are able to support them when they need it the most.

Job Description

You will manage all aspects of client assurance (questionnaires, agreements and audits) and SOC (Security Operating Center) 2 Type II/ISAE 3402. You will lead IT compliance discussions with customer security points of contact, support sales and the commercial desk on contract reviews and be the customer’s voice.

Key Responsibilities

Information Security Compliance

  • Prepare the compliance dashboard to show effort vs. workload and follow-up tasks/ pending items on customer compliance on a monthly basis
  • Work closely with the Data Protection Officer and Privacy Officer. Support privacy compliance (Data Breach Notification Regulation, General Data Protection Regulation GDPR, Privacy Act etc.) from an IT perspective
  • Develop security policies based upon new security trends, customer needs, incident trends and legal or regulatory requirements
  • Perform the SOC 2 Type II/ISAE 3402 assessment on an annual basis
  • Ensure that all employees within business units and regions are made aware of compliance requirements and prepared for assessments based on their respective role in information security
  • Recommend and assist in the implementation of changes to work methods and business procedures to make them more effective or to strengthen security measures.

Client Questionnaire, Audits and Contract/ Service Agreement Reviews

  • Establish and operate an effective client questionnaire response knowledge base
  • Lead, in the capacity of group information security representative, all client security audits and ensure timely and successful closure of client assessments by supporting sales and account management leads
  • Educate sales and account teams on certifications
  • Participate in and lead client contract reviews; adjust and propose security compliance requirements
  • Prepare the client questionnaire, audit and contract dashboard for the organisation; report and follow up on all open audit action items and ensure successful closure of open findings.

Cross Functional Coordination

Coordinate with Group IT Sales and Marketing, Commercial Desk, Data Protection Officer, Business Functions (Assistance, I&T, Aspire) and Human Resources to support.

Qualifications

Required Skills and Experience

  • Minimum 4 years of information security compliance or risk management work experience with a broad range of exposure to all aspects of IT security audit planning, audit methodologies, risk management methodologies, and contract reviews
  • Proven track record in managing and implementing information security governance, risk and compliance programs using industry leading solutions such as RSA Archer
  • Expert-level knowledge of various industry standards and best practices such as SOC 2 Type II/ISAE 3402, ISO/IEC 27001 Certification, HIPAA Compliance and PCI DSS
  • Good exposure to and knowledge of IT security technologies and best practices
  • Excellent business communication skills
  • Ability to work in a multicultural and multi-geographical environment.

Required Qualifications

  • Degree/Master's Degree in information security, information technology or related discipline
  • ISO 27001 Lead Auditor, CISA, HIPAA Expert, SOX Expert Certification, PCI DSS Certifications.

Additional Information

Here at International SOS we will offer you an interesting, varied and challenging career, where you will have the opportunity to develop yourself and work with colleagues all around Europe.

Please apply online now attaching your CV.
