Receive alerts when this company posts new jobs.
Information Security Technical Manager
Give hope. Give health. Make your mark in the fight against cancer.
At Accuray, we make a direct and powerful impact on the lives of cancer patients every day — helping them live longer, better lives. But our commitment to innovation offers a truly unique opportunity: the chance to change the fight against cancer — helping to develop, introduce and support new treatment delivery systems and software that will give new hope and new health to cancer patients and cancer survivors around the world.
OUR VISION AND MISSION is to work passionately to create a future without the fear, pain or human suffering of cancer. We pursue this by developing precise, innovative tumor treatment solutions that empower clinicians and help cancer patients live longer, better lives.
Accuray develops, manufactures and sells radiotherapy systems that make cancer treatments shorter, safer, personalized and more effective, ultimately enabling patients to live longer, better lives. Our radiation treatment delivery systems in combination with fully-integrated software solutions set the industry standard for precision and cover the full range of radiation therapy and radiosurgery procedures.
Information Security Technical Manager
This technical security leadership position reports to Chief Information Officer (CIO) and is responsible for ensuring the operations, implementation, compliance, and ongoing activities involving the protection of the enterprise information assets. The scope of responsibility will encompass establishing the strategy and overall policies, goals and procedures for the information security function at Accuray. The candidate will drive programs to mitigate cyber risks, strengthen perimeters, and reduce enterprise vulnerabilities.
This involves monitoring information security/privacy issues as they relate to enterprise data and infrastructure for on-premise and cloud solutions. The Information Security Technical Manager will promote a corporate-wide security and privacy philosophy, supporting a comprehensive and practical set of privacy and security policies, procedures, and technology to not only protect the organization from security-related liability, but also to use security and data privacy practices as a way to create customer goodwill and market returns.
This is a strategic as well as technically hands-on position and will include extensive and broad internal interface with Engineering, Legal, Regulatory/Quality Affairs, and Information Technology to ultimately ensure the protection of information and assets globally.
- Implement and maintain enterprise security systems and technology
- Develop comprehensive enterprise information security, IT risk and compliance management program
- Develop, and maintains policy, standards, processes, and procedures to assess, monitor, report, escalate and remediate risk and security issues
- Develop, implement and monitor an ongoing employee education program for all employees on technology risk and appropriate mitigation strategies and approaches.
- Collaborate tightly with IT Security Operations team to monitor and respond to security events, operational processes and procedures, and tools improvements.
- Stay abreast of trends and advances in cybersecurity solutions and monitor changes in legislations that may affect information security. Ensure compliance with the changing laws and applicable regulations
- Ensure that disaster recovery and business continuity plans are in place and tested
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Maintain a current understanding the IT threat landscape for the industry
- Schedule periodic security audits and penetration testing
- Constantly update the cyber security strategy to leverage new technology and threat information
- Brief the executive team on status and risks, including taking the role of champion for the overall strategy
- Communicate best practices and risks to all parts of the business, outside IT.
- Partner with leaders across the company, to ensure that information security efforts receive appropriate prioritization and resources.
- Take a leadership role in working across the company on security projects and provide security guidance on a constant stream of new projects and technologies.
- Bachelors in Computer Science or Engineering with an emphasis in Information Security or a related field, or equivalent experience.
- CISSP (Certified Information System Security Professional) or equivalent
- Knowledgeable in security trends, products and tooling.
- 7 to 10 years of knowledge and experience in Cybersecurity leadership role, including strategy and operations
- Proven ability to contribute at both strategic and operational levels, including leading Security Incident Response program.
- Demonstrated hands-on capability and technicality across a range of security disciplines.
- Expertise in in data privacy laws, access, security, release of information, or access control technologies.
- Knowledge and experience within the healthcare industry
- Demonstrated organization, facilitation, communication, and presentation skills
- Experience and effectiveness in leading cybersecurity initiatives and projects
- Ability to assess and weigh current and evolving business risks and enforce appropriate information security measures
- In depth knowledge of the cybersecurity rule and other government technology laws and standards.International exposer is desirable
- Experience with contract law is preferred but not necessary
- Have passion for real security and be able to positively spread this enthusiasm to partner teams
At Accuray, our commitment to patient-first outcomes drives an inclusive and collaborative work environment where the best ideas rise to the top — and everyone works to push them further. We value diversity in both the professional and personal backgrounds of our employees, as this variety adds rich energy to every team, every project and every work day. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin – including individuals with disabilities and veterans.