Information Security Compliance Senior Specialist

Life Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living.

At Smith+Nephew we are looking for: Information Security Compliance Senior Specialist

Smith & Nephew is seeking an experienced and motivated Information Security Compliance leader to join the companies Governance Risk & Compliance function and manage Customer Cyber Security Assurance globally.

What will you be doing?

• In this role you will have scope to expand into compliance oversight for S+Ns two primary cloud environments. You will report into the Director of Governance Risk & Compliance.
• You will require handling the existing SOC2 Type 2 and Spanish ENS certification programs to a successful conclusion each year. Management of the SOC2 Type program: maintaining the vendor relationship, conducting Control Design Reviews, recruiting Control Owners, audit management and leadership reporting.
• Respond to business needs through the design and delivery of additional cyber security certification and attestation programs, to support and promote S+N business in countries of operation. Management of Spanish ENS program.
• Provide timely and accurate responses to Customer Tender Questionnaires on Enterprise Cyber Security topics (product Cyber Security questions are covered by another team).
• Collaborating with the GRC Director and Business Leaders to identify other crucial Cyber Security certifications and attestations, vital to facilitate exiting business and grow sales globally. Then, design, delivery of such new programs.
• Close partnership with Control Owners in Information Security, IT and the Business. One who is self-motivated, able to lead programs / external audits and influence collaborators.
• Respond to customer questionnaires on topics of general Information Security or IT Controls. Build up a network of contacts across IS and IT to ensure that responses are accurate and requests delivered back to the customer facing teams promptly.

What will you need to be successful?

• Education: Bachelor's Degree or equivalent experience in Information Technology / Computer Science/ Computer Engineering.
• Licenses/Certifications: CISSP, CISA, ISO27001:2022 or equivalent certifications would be advantageous.
• Experience: Minimum 10+years of experience in IT, with at least 5 years in an Information Security Compliance role.
• Experience of SOC or ISO27001 certification audits would be advantageous.
• Experience of Cloud security and compliance experience would be advantageous
• Service Now Integrated Risk Management module audit feature experience is good to have.
• Good communication & organizational skills, ability to multi-task, good attention to details, excellent problem solving, and follow-up skills required.

You. Unlimited.

We believe in creating the greatest good for society. Our strongest investments are in our people and the patients we serve. 

Inclusion, Diversity and Equity: Committed to Welcoming, Celebrating and Thriving on Diversity, Learn more about our Employee Inclusion Groups on our website

Your Future: annual bonus, life insurance, company stock saving plan

Work/Life Balance: paid volunteering hours, flexible approach

Your Wellbeing: private health care with dental care package, multisport card/my benefit platform

Flexibility: possibility of working in hybrid model

Training: Hands-On, Team-Customized, subsidies for language classes, certifications and postgraduate studies

Extra Perks: referral bonus, recognition program, mentoring program

#LI-GG1

#LI-HYBRID

Stay connected and receive alerts for jobs like this by joining our talent community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.  

Check our Glassdoor page for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our new website and learn more about our mission, our team, and the opportunities we offer.