Job Description

This is a hybrid role. Candidates from Bengaluru/Delhi will be preferred. About Us Augnito is the next gen Voice AI powering the healthcare industry. Augnito empowers medical professionals and streamlined clinical workflows with cloud-based, AI speech recognition that offers ergonomic data entry with 99% accuracy, without the need for voice profile training, from any device, anywhere. From the outset, Augnito was built in close partnership with clinicians, using human-centered design, to create an AI natural language processing engine to fit your needs - not the other way around. As a result, Augnito offers excellent support for a wide variety of clinical vocabulary and workflows and can halve your clinical reporting and admin time, increase revenue, prevent physician burnout, eliminate transcription waiting delays, and enable you to focus your energy on patient care - not documentation. Augnito is currently deployed at 300+ hospitals and health systems and has a growing presence in 20+ countries, including the US, UK and Canada Job Summary: We are seeking an experienced Information Security Specialist to join our team. The successful candidate will be responsible for managing and ensuring compliance with ISO27001, HIPAA, and GDPR standards. This role involves control mapping, conducting audits, maintaining compliance calendars, providing training, and developing information security documentation for both internal and external stakeholders. Responsibilities: Control Mapping: Create a comprehensive list of controls for ISO27001, HIPAA, and GDPR. Identify control gaps and recommend necessary measures to achieve compliance. Compliance Calendar: Maintain an Annual Compliance Activity calendar to provide advance notice to relevant stakeholders regarding upcoming assessments and audits. Coordinate with internal teams and external auditors to schedule and conduct compliance activities in a timely manner. Audits: Plan and conduct various audits in accordance with the compliance calendar, including: Internal Audit: Perform internal audits to assess the effectiveness of information security controls and processes. ISO27001 Audit: Coordinate and participate in ISO27001 compliance audits to ensure adherence to the standard\'s requirements. HIPAA Audit: Conduct audits to verify compliance with HIPAA regulations and safeguarding of protected health information (PHI). Data Audit: Perform data audits to assess the security and integrity of sensitive data. Training and Advisories: Conduct induction Information Security training sessions to familiarize employees with security protocols and best practices. Ensure that function-specific Subject Matter Experts (SPOCs) understand controls and the risk register, enabling their effective participation in audits and assessments. Stay updated on regulatory changes related to privacy and information security risks and provide advisories to relevant stakeholders. Infosec Documentation: Prepare and implement Information Security Management System (ISMS) documentation and other framework-related documents. Ensure the documentation is aligned with industry standards and integrated into the organization\'s systems and processes. Information Security Documentation for Customers: Develop information security documents for sharing with customers, addressing their concerns and queries related to information security. Collaborate with the sales and customer support teams to address customer-specific security requirements effectively. Qualifications: Bachelor\'s degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CISM, ISO27001 Lead Auditor, or GDPR Practitioner are preferred. Proven experience in information security management, compliance, and audit activities, particularly related to ISO27001, HIPAA, and GDPR. Strong understanding of control frameworks, such as ISO27001, HIPAA, and GDPR, and their practical implementation. Familiarity with information security standards, regulations, and best practices. Excellent organizational and time management skills to manage compliance calendars and conduct audits within specified timelines. Strong communication and training skills, with the ability to effectively convey technical concepts to non-technical stakeholders. Attention to detail and ability to analyze and interpret information security requirements and regulatory changes. Knowledge of privacy and data protection principles and their application in different contexts. Experience in creating information security documentation and addressing customer inquiries. Ability to work independently, prioritize tasks, and collaborate with cross-functional teams. Augnito India Pvt. Ltd. is an equal opportunities employer. We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees (including promotion, transfers, assignments and beliefs). Augnito will not tolerate any act of discrimination in the workplace including but not limited to: Gender, Gender identity, National or ethnic origins, Marital or Domestic Partnership status, Pregnancy Status, Carer\'s responsibilities, Sexual orientation , Race, Color, Religious belief, Disability, Age, Any other grounds of discrimination In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Augnito will be based on merit, qualifications, and abilities. Our objective is to attract job applications and applications for development from the best possible candidates and to retain the best people.\'

foundit