Senior Program Manager Information Security.

SOPHiA GENETICS combines deep expertise in life sciences with mathematical capabilities in data computing to create the future of AI-assisted Medicine.

We are looking for Senior Program Manager information Security (Distinguished Information Security Engineer) to join our team! The Program Manager or Distinguished Information Security Engineer is a technical expert with an extensive knowledge of several security areas. They are responsible for protecting SOPHiA GENETICS from cyber threats and the implementation of the information security strategy in alignment with business objectives.

They are the owner of multiple key security domains/activities and their performance. They oversee all the technical initiatives in these areas as a tech lead and program manager.

Our platform is a one-of-a-kind globally distributed information system that brings together hospitals and labs to provide data ingestion and processing, analysis and modeling, reporting and intelligence, distribution and sharing of a multitude of complex sources of structured and unstructured data, including genomics, imaging, and clinical data, delivered as a multi-tenant SaaS platform on the cloud.

SOPHiA GENETICS (NASDAQ: SOPH) combines Data-Driven Medicine, Genomics and Radiomics, to ensure that the data used to help patients today will also benefit the patients of tomorrow. SOPHiA DDM™ Platform in supporting multimodal data-driven medicine.

WHAT CAN WE OFFER YOU

• The opportunity to support the design of the information systems architecture and its transformation to enhance company security posture, drive operational excellence and meet customers needs.
• To provide traction for the delivery of business critical projects by ensuring security risks are managed, requirements are integrated and preemptively removing potential security blockers.
• To be a key stakeholder for technical questions in the setup and maintenance of key partnerships, bio-pharma initiatives and customers relationship.

In all the activities above, one must leverage their understanding of the regulatory environment, the business, third parties and the company ecosystem to factor external requirements into technical inputs. They ensure all technical security iniatives are consistent, risk based and mapped with the business objectives. They prepare and provide a clear overview of status to internal stakeholders, both technical and non-technical.

Therefore, if you’re a dynamic, self-motivated professional who believes nothing is impossible, love to learn and be curious, we’d love to have you as part of our team!

Requirements

Security Compliance, Advisory and Program Management

• Oversee the deployment of major technical projects on the cybersecurity roadmap supporting company risk remediations and strategic objectives.
• Perform risk assessments and steer risk treatment plans.
• Coordinate third party efforts (consultants, vendors) into a consistent strategy
• Ensure security requirements are integrated and delivered.
• Oversee partner/vendors relationships and performances.
• Maintain coherence between key projects and report on delivery and mapping to company goals.
• Build and maintain the company threat model and technical risk management plan.

Scope: Data Architecture, Business Continuity, ISO 27001, Security Compliance, 3rd Party Risk, Internal Audit, Risk Assessments

REQUIREMENTS

1. Education & Working experience

• Bachelor in Engineering, Information Technology or Security
• Minimum of 5 year in Information Security
• Certifications are a plus (CISA, Certified Internal Auditor ISO 27001)