Cybersecurity Compliance Engineer

Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions.

Are you an accomplished Cybersecurity Expert with a passion for cloud-native software products?

We are seeking a talented individual to lead our cybersecurity activities for an innovative SaaS application in the regulated medical domain. As the Cybersecurity Expert, you will take ownership of the complete information security management system and its certifications.

Key Responsibilities

• Plan, design and implement security measures for the protection of cloud applications.
• Execute and maintain cybersecurity processes and documentation on the related products in the product lifecycle.
• Manage pre-market cybersecurity activities (e.g., threat modeling, cybersecurity risk assessment, static code analysis, third party vulnerability testing).
• Manage post-market cybersecurity activities (e.g., compliance checking, vulnerability scanning, cybersecurity risk modeling).
• Maintain information security certifications and facilitate audits.
• Investigating post-market cybersecurity complaints and escalations.
• Awareness of cybersecurity trends and industry standards.

About The Product

Noona is an oncology-focused, cloud based SaaS software solution for patient engagement, designed to support patients every step of the way, from diagnosis through to post-treatment follow-up. Seamlessly integrated with ARIA CORE or other Hospital Information Systems (HIS), Noona helps enhance patient care by automating the delivery of essential treatment information (e.g. upcoming appointments, education materials, test results, and clinical reports) and extending the point of care from inside the hospital directly to patients.

Tech Stack

• Backend: Java and Kotlin with Spring
• Frontend: Typescript and Angular
• Mobile app: Ionic
• Data stores: PostgreSQL and Snowflake
• Pipelines: GitLab
• Cloud native SaaS running on AWS

What You Should Have

• BSc/MSc in Computer Science or a related field
• Minimum 3 years of experience in a cybersecurity role
• Hand-on experience implementing one or more regulations (ISO27001, SOC-2, Germany C5, Spain ENS, France HDS etc.) in a mid-size organization
• Experience in cloud-native products running on AWS or Azure
• A "can-do" attitude with strong collaboration and teamworking skills
• Proficient oral and written communication in English (no Finnish required)

Nice To Have

• Experience in the healthcare field
• Experience with SOC2, C5, ENS, HDS or similar
• Certifications in the field

If you are a motivated and skilled expert in Cybersecurity, seeking a rewarding opportunity to lead in the cloud-native SaaS space and make a difference in the healthcare industry, we invite you to apply now.

Who we are

We are a team of more than 72,000 highly dedicated Healthineers in more than 70 countries. As a leader in medical technology, we constantly push the boundaries to create better outcomes and experiences for patients, no matter where they live or what health issues they are facing. Our portfolio is crucial for clinical decision-making and treatment pathways.

How we work

When you join our organization, you become one in a global team of scientists, clinicians, developers, researchers, professionals, and skilled specialists, who believe in each individual’s potential to contribute with diverse ideas. We are from different backgrounds, cultures, religions, political and/or sexual orientations, and work together, to fight the world’s most threatening diseases and enable access to care, united by one purpose: to pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

As an equal opportunity employer, we welcome applications from individuals with disabilities.

Data Privacy

We care about your data privacy and take compliance with GDPR as well as other data protection legislation seriously. For this reason, we ask you not to send us your CV or resume by email. We ask instead that you create a profile where you can upload your CV. Setting up a profile also lets us know you are interested in career opportunities with us and makes it easy for us to send you an alert when relevant positions become open.

Beware of Job Scams

Please beware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as our recruiters/employees. These scammers may attempt to collect your confidential personal or financial information. If you are concerned that an offer of employment with us might be a scam or that the recruiter is not legitimate, please verify by searching for the posting on our career site.

To all recruitment agencies

We do not accept agency resumes. Please do not forward resumes to our jobs alias, employees, or any other company location. We are not responsible for any fees related to unsolicited resumes. As an equal opportunity employer, we welcome applications from individuals with disabilities.