Information Security and Compliance Specialist

Information Security and Compliance Specialist

Location: Remote
Type: Full-Time

About Us
EyeCarePro is a leader in digital marketing for eyecare professionals, dedicated to innovation and excellence in healthcare technology. We're seeking an experienced Information Security and Compliance Specialist to lead our compliance initiatives, safeguard sensitive healthcare data, and support our mission of providing secure and effective solutions for our clients.

Key Responsibilities

• ISO 27001 Implementation:
  • Develop, implement, and manage an Information Security Management System (ISMS) aligned with ISO 27001 standards.
  • Oversee certification processes and ensure ongoing compliance.
• EHNAC Accreditation Knowledge:
  • Understand and apply EHNAC requirements, focusing on healthcare data privacy and interoperability standards.
  • Support the organizations future accreditation goals.
• HIPAA Compliance:
  • Ensure compliance with HIPAA regulations, including the Privacy Rule, Security Rule, and Breach Notification Rule.
  • Implement practical solutions in a business associate setting.
• Risk Assessment and Management:
  • Perform risk assessments, identify vulnerabilities, and develop mitigation strategies.
• Auditing and Continuous Improvement:
  • Conduct internal audits and maintain comprehensive documentation.
  • Drive continuous improvement in compliance practices.
• Policy Development:
  • Draft and implement security and privacy policies in alignment with ISO 27001, HIPAA, and NIST frameworks.
• Security Awareness Training:
  • Educate employees on security policies, fostering a culture of compliance and vigilance.

Required Qualifications and Experience

• Proven experience implementing and managing ISO 27001 ISMS.
• Strong understanding of HIPAA regulations and healthcare data compliance requirements.
• Familiarity with EHNAC standards; direct accreditation experience is a plus.
• Expertise in performing risk assessments and mitigating controls.
• Hands-on experience conducting internal audits.
• Ability to manage compliance-related projects effectively.
• Excellent communication and training skills.

Preferred Certifications:

• ISO 27001 Lead Implementer or Auditor
• CISSP, CISM, or CIPP/US

Desirable Skills:

• Familiarity with security frameworks such as NIST.
• Experience with security tools for compliance and risk management.

Why Join EyeCarePro?

• Work remotely with a collaborative and innovative team.
• Be a part of a company that values security, privacy, and compliance.
• Contribute to meaningful projects that impact healthcare technology.

If you meet the qualifications and are passionate about security and compliance in healthcare, we'd love to hear from you!