Information Security Analyst, Frameworks

Technology and R&D Remote, United States

Position at Medidata Solutions

Medidata: Conquering Diseases Together

Medidata is leading the digital transformation of life sciences, creating hope for millions of patients. Medidata helps generate the evidence and insights to help pharmaceutical, biotech, medical device and diagnostics companies, and academic researchers accelerate value, minimize risk, and optimize outcomes. More than one million registered users across 1,400 customers and partners access the world's most-used platform for clinical development, commercial, and real-world data. Medidata, a Dassault Systèmes company, is headquartered in New York City and has offices around the world to meet the needs of its customers. Discover more at

Your Mission: 

To provide support for the Information Security Frameworks team via evaluation, testing, and maintenance of Medidata’s robust control framework used to protect the confidentiality, integrity, and availability of the most important clinical trial data in the world, all while enabling Dassault Systemes to room to innovate, experiment, and grow.

  • Secures enterprise information by managing Information Security frameworks including the development, publication, education and management of related policies and procedures of systems, software and networks.
  • Assist in integration activities including assessment of Medidata’s third parties or acquisitions, reviewing vendors compliance state and assisting in technical implementation of security related systems.
  • Familiarity with the following: SOC1, SOC2, ISO 27001:2013, ISO 27018:2014, ISO 27701:2019, FISMA (e.g. NIST 800-53 Rev 5), HIPAA, HITRUST, FedRAMP.
  • Interacts directly with customers to raise awareness of Medidata’s leading information security posture.
  • Collaborate closely with Information Security management to develop key metrics which accurately reflect the health of the Frameworks program.
  • Partner with Medidata’s Global Compliance and Legal functions to ensure quality and privacy are adequately addressed in all
  • Proficiency in performing risk, business impact, control and vulnerability assessments. Perform the execution of control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommendations for remediation.
  • Supports the department Information Security Management System (ISMS) including POAMS, Monthly Meetings, CAPAs, Internal Audits, and other components of an ISO compliant function.
  • Experience in software products in cloud environments
  • Fundamental understanding of Agile Software Development

Your Competencies: 

  • Strong, fundamental knowledge of networking and cloud solutions in a regulated environment
  • CISSP certification is a bonus but will be expected within 1 year of hire
  • A strong grasp on the fundamentals of cloud security
  • Ability to collaborate with other functions in order to deploy and maintain solutions in an appropriate and cost-effective manner
  • Problem solving skills and ability to work under pressure
  • Possess ability to take on complex problems creatively

Your Education and Experience:

  • Ideally 3-5 years of IT & network security experience; strong preference for candidates with backgrounds at the intersection of Technology, Life Sciences, Health Care, etc.
  • Bachelor's degree (or above) in Computer Science/Engineering, Information Technology or comparable desired but not required

Medidata is making a real difference in the lives of patients everywhere by accelerating critical drug and medical device development, enabling life-saving drugs and medical devices to get to market faster. Our products sit at the convergence of the Technology and Life Sciences industries, one of most exciting areas for global innovation. Nine of the top 10 best-selling drugs in 2017 were developed on the Medidata platform. 

Medidata Solutions have powered over 17,000+ clinical trials giving us the largest collection of clinical trial data in the world. With this asset, we pioneer innovative, advanced applications and intelligent data analytics, bringing an unmatched level of quality and efficiency to clinical trials enabling treatments to reach waiting patients sooner.

Medidata Solutions, Inc. is an Equal Opportunity Employer. Medidata Solutions provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability status, protected veteran status, or any other characteristic protected by the law. Medidata Solutions complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.