Information Security Officer

Job Category: Technical
Job Type: Full Time
Job Location: Remote

About Kyla

The Kyla app brings together our team of doctors, developers, and AI scientists to give each individual the power to understand their health from a new perspective along with simple goals and clear follow-ups to improve. We’re working with Fortune 500 companies, schools, and individuals by the thousands and are rapidly growing.

Kyla makes you live longer. First, Kyla collects your medical history and connects you with doctors to perform medical-grade tests. Then, Kyla AI analyzes your medical data to identify your top health risks, estimate your remaining lifetime, and give you simple, doctor-validated daily goals to increase your life expectancy. Finally, Kyla monitors your progress 24×7, diagnoses, and treats your conditions with the help of doctors. 

Required skills:

  • Bachelor Degree with a major in Cyber Security or Computer Science or equivalent experience;
  • English at a level sufficient to carry a conversation;
  • 5+ years of experience in Information Security, Risk Assessment, and Audits;
  • R&D experience with complex software projects;
  • Experience in developing & maintaining ISMS;
  • Knowledge of ISO 27001, SOC2, NIST, HIPAA, PCI DSS, GDPR;
  • Ability to conduct readiness/gap assessments, provide recommendations;
  • Understanding of GRC framework;
  • Understanding of secure coding practices, ethical hacking, threat modeling, secure SDLC process;
  • Understanding of DR / BCP;
  • Experience in defining security requirements as well as evaluating and selecting appropriate information security controls;
  • Understanding of IT and information security trends, challenges;
  • Knowledge of security vendors, systems, and solutions;
  • Hands on experience applying security solutions for network scanning, intrusion detection, WAF, etc.;
  • Knowledge of in-transit/at-rest data encryption algos and techniques;
  • Experience with AWS.

As a plus:

  • Project Management Experience;
  • Experience with Java/Spring/Hibernate stack;
  • Experience with Node JS;

What we offer you:

  • Competitive salary;
  • 100% remote job;
  • Flexible work hours;
  • Personalized development plan for your professional and career growth;
  • Paid online courses;
  • Working directly for USA product company while developing innovative AI-driven healthcare;
  • Sharing the success of the company in the form of performance bonuses and successful exit reward;

Responsibilities:

  • Be available to interact with the US team from 7 am PST till 10am PST;
  • Create relevant information security policies and procedures;
  • Develop both high- and low-level action plans for implementation of the information security policies and procedures maintaining the proper balance between business priorities, information security risks, and cost of controls implementation for the organization;
  • Coach, advise and drive adoption of developed policies and procedures and implementation of the action plans;
  • Establish and maintain strong relationships with both senior and operating level business leaders to ensure alignment to customer and business needs while prioritizing key initiatives;
  • Coordinate the maintenance of the Information Security Risk Management process, coordinate risk assessment cycle implementation with respective risk and control owner definition, and development of Risk Treatment plans;
  • Support audit cycle implementation to be done through preparation of materials for audit conduction, coordination of audits, participation in audits. Organize and manage the communication of results to the Management Team and respective involved parties;
  • Participate in the customer information security compliance process. Identify and analyze customer requirements related to information security;
  • Arrange a preparation for the external information security audits. Participate in the audit passing process;
  • Coordinate the process of the implementation of the corrective actions to address nonconformities found during internal and external information security audits;
  • Provide supervision and guidance for the engineers;
  • Promote the compliance mindset: organize the development and delivery of required communication campaigns, awareness programs and training for different focus groups and different internal and external stakeholders;
  • Provide subject matter expertise in information security for internal and external requests.

We are looking forward to meeting you!

Apply for this position

Use the below form to submit your job application

Allowed Type(s): .pdf, .doc, .docx