Information Security Specialist

Pioneering trusted medical solutions to improve the lives we touch: Convatec is a global medical products and technologies company, focused on solutions for the management of chronic conditions, with leading positions in advanced wound care, ostomy care, continence care, and infusion care. With around 10,000 colleagues, we provide our products and services in almost 100 countries, united by a promise to be forever caring. Our solutions provide a range of benefits, from infection prevention and protection of at-risk skin, to improved patient outcomes and reduced care costs. Convatec’s revenues in 2023 were over $2 billion. The company is a constituent of the FTSE 100 Index (LSE:CTEC). To learn more about Convatec, please visit http://www.convatecgroup.com

 

Key responsibilities and authority

• Information security management system is managed, reviewed, and continually improved.
• Information asset inventory containing sensitive data is maintained and updated.
• Ensuring Information is classified and protected across key systems.  
• Identify, report and governance over information security risks. 
• Retention periods are maintained as processes and requirements change.
• Ensure insder risk controls are implemented and improved.
• DLP policy is implemented any incidents are managed appropriately.
• eDiscovery and Litigation Hold requests are fulfilled timely.
• Information security awareness plan documented and delivered, along with metrics and KPIs which demonstrate keys risks are managed.
• Ensure near misses and policy breaches are followed upon as necessary (with training) 
• Phishing Campaigns are delivered and ensure click rate is less than 8%.
• Perform project reviews as per the Infosec methodology and provide infosec risks and requirements to ensure security by design across all projects.
• Perform initial vendor assessment and ongoing assurance over key vendors and service providers. (IT outsourcers and SAAS)
• Assist in implementing the Information security strategy across Convatec. 
• Ensuring security by design principles are adopted by project teams and key information security risks are managed via controls.

Key requirements

• Minimum 4 years’ experience in Information Security.
• Knowledge and understanding of information security concepts and principles.
• Ability to work independently with limited supervision. 
• Ability to demonstrate that you can influence others (key stakeholders including business) through explanation of facts, policies, and practices.
• Strong verbal and written communication skills.
• Ability to facilitate cross-functional teams.  
• Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts. 

Education/ Qualifications

• Bachelor's degree in computer science, Information Systems, Software Engineering, or equivalent experience  
• CISA and/or CISM certification (nice to have)
• At least a certification in information security
• ISO lead implementer or ISO lead auditor

 

#LI-Hybrid

#LI-AR2

 

Beware of scams online or from individuals claiming to represent Convatec

A formal recruitment process is required for all our opportunities prior to any offer of employment. This will include an interview confirmed by an official Convatec email address.

If you receive a suspicious approach over social media, text message, email or phone call about recruitment at Convatec, do not disclose any personal information or pay any fees whatsoever. If you’re unsure, please contact us at careers@Convatec.com.

Equal opportunities

Convatec provides equal employment opportunities for all current employees and applicants for employment. This policy means that no one will be discriminated against because of race, religion, creed, color, national origin, nationality, citizenship, ancestry, sex, age, marital status, physical or mental disability, affectional or sexual orientation, gender identity, military or veteran status, genetic predisposing characteristics or any other basis prohibited by law.

Notice to Agency and Search Firm Representatives

Convatec is not accepting unsolicited resumes from agencies and/or search firms for this job posting. Resumes submitted to any Convatec employee by a third party agency and/or search firm without a valid written and signed search agreement, will become the sole property of Convatec. No fee will be paid if a candidate is hired for this position as a result of an unsolicited agency or search firm referral. Thank you.

Already a Convatec employee?

If you are an active employee at Convatec, please do not apply here. Go to the Career Worklet on your Workday home page and View "Convatec Internal Career Site - Find Jobs". Thank you!