Information Security Officer

About the Department of Medical Informatics (DMI):
Across the last decades, data has become a cornerstone for multidisciplinary research, digital and precision health. At the LIH, the DMI is in charge of promoting and ensuring that researchers and clinicians can fully leverage patient information. With its expertise in Information Technologies (IT) and data science, the DMI assists and supports medical research at LIH and the national level. The primary mission of the DMI is to provide and maintain a safe and secure IT ecosystem for researchers and clinicians, where they can collect, store, analyze and share data from different sources, ranging from studies, registries, laboratories, health systems and public datasets. This includes establishing and maintaining a national data integration centre, in close collaboration with national partners, to enable the gathering, management and dissemination of interoperable health data in a quality-managed environment.

Job Description:
We are seeking an experienced and motivated Information Security Officer to join our dynamic Strategy & Management (S&M) Unit under the DMI. This role involves collaborating with cross-functional teams, planning, organization, implementation, and continuous improvement of the processes within LIH. In close collaboration with LIH’s quality management team, an Information Security Management System (ISMS) in line with ISO 27000 standards and in compliance with other standards (e.g. ISO 9001, ISO 17025, GCP…) shall be set-up. This includes developing, implementing, and monitoring information security program to ensure adherence to best practices, normative and regulatory requirements (e.g. GDPR, NIS, and EHDS).

Key Accountabilities:

• Develop, implement, and maintain information security policies, procedures, and documentation for  LIH processes in close collaboration with DMI units and LIH’s quality management team to ensure compliance with normative and regulatory requirements (ISO 9001, ISO 17025, GCP…).
• Develop and oversee the implementation of an ISMS in accordance with ISO 27000 standards, integrated into the existing institutional quality management system.
• Coordinate with different department heads and staff to ensure the effective implementation of the ISMS within operational and research processes
• Oversee the effective application of information security controls, IT risk assessments, and IT incident management in the scope of continuous improvement in process effectiveness and efficiency.
• Perform routine reviews and assessments to ensure compliance with policies and standards, and identify areas for improvement.
• Conduct training and on-boarding sessions on information security and IT processes to raise awareness, enhance staff understanding, compliance and engagement in information security changes.
• Stay abreast of the latest developments, advancements, and trends in the field of information security.

Key skills, Experience and qualifications:

• Proven experience in information security management, preferably within the healthcare or medical research sector.
• Strong knowledge and experiece in the application of of ISO 27000 standards and quality management systems (at least ISO 9001). Knoweldge of ISO 17025 and GCP would be an asset.
• Strong change management and coaching skills to drive information security awareness and adoption.
• Excellent communication skills and the ability to effectively articulate complex information to both technical and non-technical audiences.
• Good writing and presentation skills in English.
• Language skills : French and/or German is an asset.
• Demonstrated ability to organize and prioritize work.
• Strong strategic thinking, problem-solving, and evidence- and risk-based decision-making skills.
• Bachelor's or Master's degree in IT Security, or a related field. Certifications like CISSP, CISA, CISM, CRISC or ISO 27001 Lead Auditor/Implementer will be an added advantage.
• Experience in a research environment, collaborating with healthcare professionals, C-level executives, and principal investigators (PIs) is a plus.

Benefits:

• Cutting-Edge Work Environment: You will be part of a team at the forefront of medical research and data integration.
• High-Impact Work: Your work will contribute to the advancement of medical research and technology, potentially transforming the lives of countless individuals.
• Professional Growth: This role offers excellent opportunities for career development and growth.
  
  
  

Gender Equality
The LIH is an equal opportunities employer. We are fully committed to removing any discriminatory barrier related to gender, and not only, in recruitment and career progression of our staff. The LIH is attentive to gender representation among its leadership staff and aims to eliminate obstacles to the recruitment and promotion of female leaders and their career development.