GRC Manager
RamSoft
About us
Join RamSoft (www.ramsoft.com), a collaborative and innovative SaaS medical software company that is developing and selling novel cloud and cloud-native RIS/PACS software platforms for radiologists worldwide. We’re a global business with 200+ employees located worldwide, and we are growing quickly.
Roles and responsibilities
1. Compliance & Audit Readiness
- Ensure compliance with regulatory frameworks, including MDSAP, ISO 13485, MDR, ISO 27001, SOC 2, PCI-DSS, HIPAA, HITRUST, GDPR, and other applicable regulations.
- Lead internal and external audits, providing necessary documentation and addressing audit findings with remediation plans.
- Front audits as the organization's primary point of contact and ensure their successful completion.
- Develop, implement, and maintain information security policies, ensuring alignment with industry standards and business needs.
2. Risk Management & Security Governance
- Establish and maintain an Information Security Risk Management Framework, conducting regular risk assessments and maintaining a risk register.
- Oversee vendor risk assessments and ensure mitigation strategies align with business objectives.
- Provide risk reports to senior management with recommended action plans.
- Enforce cloud governance policies, working with FinOps to ensure secure, cost-effective cloud usage.
3. Security Operations & Incident Response
- Oversee Azure security operations, ensuring adherence to security policies and regulatory requirements.
- Monitor and respond to security alerts, vulnerabilities, and threats using Microsoft Sentinel.
- Implement and manage an Incident Response Plan (IRP), ensuring compliance with breach notification regulations.
- Administer endpoint security through Microsoft Intune and Defender for Endpoint.
4. Security Reviews & Cyber Threat Intelligence (CTI)
- Conduct security review meetings, presenting key risks and remediation efforts.
- Monitor emerging cyber threats and implement proactive mitigation strategies.
- Collaborate with industry peers to exchange intelligence and best practices.
5. Security Awareness & Training
- Develop and deliver information security training programs for employees.
- Evaluate and update training content based on emerging cybersecurity threats.
6. Security Requests & Vendor Management
- Manage internal and external security requests, ensuring timely resolution.
- Oversee security operations and compliance tools, including third-party security assessments.
- Monitor vendor security performance and ensure contractual compliance.
7. Continuous Security Improvement
- Assess and enhance security maturity through regular evaluations and best practices benchmarking.
- Recommend improvements to strengthen the organization's overall security posture.
8. Stakeholder & Cross-Functional Collaboration
- Engage with IT, Support, Platform, Engineering, and FinOps teams for security and compliance needs.
- Provide proactive updates and follow-ups to ensure service delivery.
- Conduct NPS surveys to enhance security service quality.
RamSoft offers a casual work environment, flexible work hours, and a competitive compensation and benefits package. RamSoft Inc. is an equal-opportunity employer and is committed to fostering an accessible and inclusive environment for employees and customers. If you require any accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms, or other accommodations), please let our HR department know and we will work with you to meet your needs.