Senior Information Security Specialist

Remote from
Job level
Job type
Full Time
Opening date
Closing date
28 Feb 2023

About Medable, Inc

The leading global platform for decentralized clinical trials.

Medable’s mission is to get effective therapies to patients faster. We provide an end-to-end, cloud-based platform with a flexible suite of tools that allows patients, healthcare providers, clinical research organizations and pharmaceutical sponsors to work together as a team in clinical trials. Our solutions enable more efficient clinical research, more effective healthcare delivery, and more accurate precision and predictive medicine. Our target audiences are patients, providers, principal investigators, and innovators who work in healthcare and life sciences.

Our vision is to accelerate the path to human discovery and medical cures. We are passionate about driving innovation and empowering consumers. We are proactive, collaborative, self-motivated learners, committed, bold and tenacious. We are dedicated to making this world a healthier place.

Job Description:

  • Participate in ISO 27001 Certification and annual surveillance audits.
  • Participate in SOC-2 reporting processes in collaboration with key stakeholders and third-party auditors.
  • Modify Medable IT/IS related policies and procedures as needed to comply with audit findings and applicable IS industry and regulatory standards.
  • Participate in customer requested audits of the IS program.
  • Oversee IS related audit findings and work with key stakeholders to establish and execute remediation plans within SLAs.
  • Participate in critical vendor IS Risk and Compliance audits in accordance with Vendor Management SOP.
  • Complete customer RFI assessments as assigned. Maintain the RFI library with current information.
  • Evaluate vendor RFI responses in relation to company information security requirements and assess risk accordingly.
  • Maintain Governance Risk and Compliance (GRC) tool risk assessments for vendor and asset risk management.
  • Participate in cross-functional risk assessments for vendor management and custom solutions.
  • Participate in IS related Incident Management investigation and reporting activities in collaboration with key stakeholders and incident response team members.
  • Participate in Business Continuity and Disaster Recovery Plan development and annual testing in collaboration with key stakeholders.
  • Other duties as assigned.


  • 2+ years experience specifically in an IS/IT Risk and Compliance role.
  • Preferred experience in the Clinical Research/Technology industry.
  • Experience with ISO 27001 and SOC-2 standards and controls.
  • Experience with Risk Assessment activities and documentation.
  • Experience in IS related incident investigation, reporting, and compliance.
  • Experience participating in IT/IS audits.
  • Experience managing customer and vendor RFI responses.
  • Experience authoring and maintaining IT/IS related policies and procedures.
  • Knowledge/Experience with Business Continuity and Disaster Recovery planning.
  • Strong organizational and interpersonal communication skills
  • Multi-tasking and prioritization skills
  • Critical thinking and problem-solving skills
  • Ability to build strong cross-functional relationships
  • Proficient process enhancement skills
  • Policy writing skills

Education, Certification, Licenses:

  • Bachelor’s degree in IT/IS related field, or equivalent combination of certifications and/or work experience.
  • One or more IS or Risk and Compliance related certifications, including but not limited to CRISC, CGEIT, GRCP, etc.
