Manager, Information Security Frameworks

Technology and R&D Remote, United States New York, New York

Position at Medidata Solutions

Medidata: Conquering Diseases Together

Medidata is leading the digital transformation of life sciences, creating hope for millions of patients. Medidata helps generate the evidence and insights to help pharmaceutical, biotech, medical device and diagnostics companies, and academic researchers accelerate value, minimize risk, and optimize outcomes. More than one million registered users across 1,400 customers and partners access the world's most-used platform for clinical development, commercial, and real-world data. Medidata, a Dassault Systèmes company, is headquartered in New York City and has offices around the world to meet the needs of its customers. Discover more at

Your Mission: 

To provide support for Development Team Operations including hosting and maintaining development tools, providing Release Engineering support for Data Science Teams & supporting Data Governance Policy in relation to Data Science.

Your Commitments: 

  • Manages Information Security Frameworks to a high degree of quality including, ISO 27xxx series, SOC1/2/3, HIPAA, HITRUST, NIST, Fisma and Fedramp

  • Provide security and engineering input to architectural designs, system designs and strategic technology plans

  • Support Data Governance Policy within the SDLC including extracting and moving approved customer data to a secure development environment

Your Competencies: 

  • Intimate knowledge of the things necessary to support ISO 27001, 27018, 27701 as well as SOC-1 and SOC-2

  • Deep knowledge of NIST 800-53

  • Familiar with the principles of issuing Authority-to-Operate for FISMA & FedRamp

  • A good grasp of the fundamentals of Cloud Security

  • Good understanding of Software Engineering practices 

  • Practical experience in Incident Response

  • Strong experience in Information Security Practices

  • Experience in software products in cloud environments

  • Fundamental understanding of Agile Software Development

  • Good background in both IT systems engineering and operations

  • Sound understanding of source control.

  • Ability to collaborate with other functions in order to deploy and maintain solutions in an appropriate and cost-effective manner

  • Problem solving skills and ability to work under pressure

  • Possess ability to take on complex problems creatively

  • Ability not only to run a small (3-5 person) team, but cross functionally

  • Run the security frameworks programs effectively

  • Manage the Authority to Operate program

  • Manage the department Information Security Management System (ISMS) including POAMS, Monthly Meetings, CAPAs and other components of an ISO compliant function

  • Partner with GCS to ensure seamless coverage with respect to quality

  • Partner with Legal to ensure seamless coverage with respect to privacy

  • Collaborate with the rest of Information Security 

Technical Skills:

  • Identity and Access Management principles
  • Ability to run vulnerability assessment programs

  • Ability to run a third party risk program

  • Ability to support Enterprise Risk Management

  • Good writing skills; both within a technical and within a corporate environment

  • At least 5 years in Technology, Medical, LifeSciences or HealthCare

Your Education & Experience:

  • At least five years exposed to Security Frameworks (AISCPA, ISO, CoBIT)

  • Bachelor's degree (or above) in Computer Science/Engineering, Information Technology or comparable required

  • CISM/CISA/CRISC certifications are desired, but not required

  • Cloud Security certification is desired, but not required

  • CISSP Certification is a bonus, will be expected within 1 year of hire

Medidata is making a real difference in the lives of patients everywhere by accelerating critical drug and medical device development, enabling life-saving drugs and medical devices to get to market faster. Our products sit at the convergence of the Technology and Life Sciences industries, one of most exciting areas for global innovation. Nine of the top 10 best-selling drugs in 2017 were developed on the Medidata platform.

Medidata’s solutions have powered over 14,000 clinical trials giving us the largest collection of clinical trial data in the world. With this asset, we pioneer innovative, advanced applications and intelligent data analytics, bringing an unmatched level of quality and efficiency to clinical trials enabling treatments to reach waiting patients sooner.

Medidata Solutions, Inc. is an Equal Opportunity Employer. Medidata Solutions provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, or status as a veteran. Medidata Solutions complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.