- Develop auditing program to offer comprehensive audit coverage within the Ministry
- Ensure healthcare sector cybersecurity, data protection and privacy compliance for the entire healthcare, insurance providers and partners
- Periodical review and assessment to monitor compliance maturity posture and progress for the healthcare entities
- Develop and oversee Security audit and compliance program within the ministry
- Coordinate, plan and execute audit activities within the Ministry
- Determine audit scope and objective and accordingly prepare audit work plan
- Develop and implement complex audit test plan
- Conduct security compliance audits of critical systems and applications
- Ensure ongoing compliance with the organization's policies and procedures, legal, regulatory, and contractual requirements
- Build and maintain the controls matrix in alignment with multiple compliance frameworks and standards
- Prepare compliance reports and status reports, identify issues, and report to senior management
- Support key business initiatives by identifying security and compliance related risks
- Ensure internal compliance activities (including IT, vulnerability scans, annual training, etc.) are executed in a timely manner
- Perform related duties as assigned by supervisor
- Schedule and conduct various information security audits, and prepare audit reports
- Ensure security and compliance of critical systems, network and applications including Azure Cloud, IAM, PAM and O365
- Monitor and ensure DLP compliance and follow up with the stakeholders
- Coordinate with IT operation team and Business units to ensure closure of identified non-compliance and vulnerabilities
- Identify critical risks and recommend corrective steps to address the risks
- Liaise with external and internal audit team and ensure evidence is collected and submitted on time
- Coordinate with business Unit, finance, HR, projects, etc. to obtain inputs for audit processing
- Support team and ensure all the audit findings are closed as per the timeline
- Ensure that previous audit recommendations are addressed and implemented
- Support the other security and compliance procedures based on the approved standard
- Support the operational team in developing technical standards (Hardening documents) for various platforms
- Support the development of the overarching security policies, standards, and operating procedures
- Develop well-crafted audit reports including results and recommendations for management
- Communicate audit findings and recommendations to Management and stakeholders
- Maintain clear and complete IT audit documentation
Experience/Qualifications:
- Bachelor’s degree in computer science or similar, plus substantial continued education and training in the field
- 5+ years of progressive experience in Security and Compliance including application, infrastructure, and Azure Cloud
- Significant, demonstrable experience within a security compliance or security management role
- Strong understanding of key compliance, security and framework models and standards such as ISO 2700X, NIST, CIS benchmarks etc.
- Familiarity with common vulnerabilities and attack vectors
- Ability to understand and integrate cultural differences and motives and to work with a cross-cultural audience
- Preferably have worked in the Health Care Sector; advanced Microsoft Office product expertise
- Cloud Security Certifications AZ-500, CCSP etc.
- Preferred to hold CISA, CISSP or other equivalent certification
- Preferred to hold NIAS, ISO 27001/2, or other equivalent certification
- Mandatory knowledge of Azure Cloud, O365, DLP, and IAM and PAM processes and technologies