What are the responsibilities and job description for the Information Security Compliance Specialist position at Octagos Health?
Key Responsibilities :
Compliance Management :
Thorough knowledge of SOC 2, HIPAA, and NIST 800-53, with the ability to design, implement, and monitor processes to ensure ongoing compliance.
Azure Security :
Strong expertise in securing Azure-hosted infrastructure, including configuring security controls for Azure servers, virtual networks, and storage.
Knowledge of configuring and using Azure-native tools such as Azure Policy, Azure Security Center, Azure Key Vault, and Azure Monitor for protecting cloud assets.
Endpoint Security :
Expertise in implementing and managing Endpoint Detection and Response (EDR) and other security solutions on workstations and servers to detect and respond to threats in real-time.
Experience deploying, managing, and monitoring endpoint security across workstations used by employees, ensuring adherence to security best practices.
Incident Management :
Ability to detect, respond to, and resolve potential security breaches, ensuring responses meet healthcare standards.
Knowledge of how to handle data breaches, including forensic investigation, communication, and remediation, in accordance with HIPAA guidelines.
Training & Awareness :
Experience designing and implementing phishing testing campaigns and security awareness training for employees.
Audit Preparation & Log Management :
Ability to prepare for security and compliance audits by managing audit trails, implementing log retention, and using monitoring tools like Azure Monitor and third-party solutions.
Risk Assessment & Remediation :
Experience conducting risk assessments and applying the appropriate security controls to mitigate risks per NIST 800-53 and HIPAA.
Hands-on experience in proactively identifying potential vulnerabilities and remediating them across Azure-hosted infrastructure and endpoints.
Tooling :
Proficiency in using security tools such as :
Azure Security Center for threat detection and monitoring.
Azure Sentinel for Security Information and Event Management (SIEM).
Compliance management solutions for SOC 2 and HIPAA.
Experience with phishing simulation tools and security awareness platforms to strengthen employee resilience to social engineering attacks.
Automation :
Familiarity with automating security updates, patching, and monitoring using Azure Automation or other automation tools.
Documentation :
Capability to document security policies, procedures, incident response plans, and compliance processes to maintain audit readiness.
Qualifications :
Education : Bachelor's Degree in Computer Science, Information Security, or a related field
Relevant Certifications such as CISSP, CISM, CISA or Certified HIPAA Professional (CHP)
Certification in SOC 2 or NIST frameworks (e.g., CISA) is preferred.
Certifications in cloud security, such as Microsoft Certified : Azure Security Engineer Associate, are a plus.
Knowledge of Firewall / VPN configurations and Microsoft 365.
Experience :
Minimum of 3-5 years of experience in a security or compliance role, preferably within a healthcare or SaaS environment.
Proven experience maintaining SOC 2 and HIPAA compliance.
Understanding of NIST 800-53 for managing risk and implementing security controls.
Expertise in working with Azure security controls and configurations, particularly in securing cloud infrastructure.
Familiarity with additional compliance frameworks such as HITRUST, ISO 27001, or GDPR is a plus.
Experience with Identity and Access Management (IAM) systems (SSO, SAML, MFA) in healthcare environments is also a plus.
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Information Security Compliance Specialist?
Sign up to receive alerts about other jobs on the Information Security Compliance Specialist career path by checking the boxes next to the positions that interest you.
