Contact us

Back to careers

Information Security Officer

Engineering | Tel Aviv-Yafo, IL

About the position

Healthy.io is the first company to successfully turn the smartphone camera into a clinical-grade medical device, enabling faster treatment and improved care for patients worldwide. Our products combine computer vision and machine learning technology with best-in-class UX design to create new clinical pathways through smartphone-powered urinalysis, digitized wound management, and beyond.

Headquartered in Tel Aviv with 240 employees across London, Boston, and Singapore we are growing fast as we serve more and more patients across ever-expanding areas of healthcare.

Being in the field of digital healthcare, we have no choice but to maintain very high security standards. From cyber-security aspects, information security and compliance, and above all keeping private data private - we demand high standards of security from ourselves and from our partners. 

We’re looking for an Information Security Officer to join our team and assist with all aspects of security of a growing global company, and be the liaison security focus point for our branches and local agencies. We’re looking for a brilliant team member, experienced in operating with modern systems and platforms. 

You’ll work closely with the Security Team and report directly to the company's Information Security Director. You will be leading all security technology processes and activities, and assist your team members to follow them.

We are looking for someone well-organized and highly-motivated, who can simultaneously balance a process-oriented approach with a tech-oriented outlook. We’re looking for a team player who can create an immediate impact within our dynamic and growing team.

Our company is no stranger to formal compliance frameworks and standards. We know how to work in a regulatory framework while maintaining a very agile and super technological workflow. 


You will love this job if:

  • You believe in the integration of Governance, Risk and Compliance activities that can empower a company to provide a compliant business model, manage significant risks to the business' goals and objectives, and provide accurate information to empower better decision making.
  • You are a polyglot technologist with the ability to quickly learn, adapt and use different technologies, including but not limited to Cloud platforms and protective monitoring
  • You are a strong critical thinker and enjoy working on challenging problems.
  • You enjoy partnering and collaborating with a range of business professionals.
Requirements
  • Minimum 2 years professional experience including Audit, IT Audit, Cloud Audit, risk management, IT security and / or similar compliance functions.
  • Good knowledge of security and control standards and frameworks such as HIPAA, HITRUST, NIST CSF & 800-53, ISO27001, GDPR or similar frameworks - their use and assessment.
  • Hands on experience with technical systems (command line, cloud networking, operating systems, etc) - major advantage. 
  • Broad exposure to a range of Cloud security and monitoring technologies, including WAF, DLP, IDS/IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, patch and vulnerability management;
  • Experience with IT and Cloud Security risk assessments.
  • Relevant security and/or risk certifications such as CISM/CISSP/CISA/CRISC/CEH/CompTIA Security+/MCSA/RHCSA  
  • Excellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levels.
Role & Responsibilities
  • Support local, regional, and global Governance, Risk and Compliance initiatives and activities.
  • Develop, maintain and publish up-to-date security and compliance policies, procedures, standards, guidelines, and oversee training and dissemination of policies and procedures.
  • Participate in HIPAA, ISO 27001, HITRUST, Cyber Essentials compliance assessments, evidence collection, and reporting.
  • Collaborate with various stakeholders to assist with compliance assessment and building requirements.
  • Assist with Incident Response and Business Continuity to include running table-top exercises and live testing.
  • Apply the risk-based process for vendor management, including assessment and treatment for risks that may result from partners, consultants and other service providers.

or send your CV to [email protected]