Velsera is a global precision medicine technology company that accelerates the discovery, development, and delivery of precision medicine through integrated AI-enhanced software and expert services.…
Velsera is a global precision medicine technology company that accelerates the discovery, development, and delivery of precision medicine through integrated AI-enhanced software and expert services.…
aMedicine moves too slow. At Velsera, we are changing that
.Velsera was formed in 2023 through the shared vision of Seven Bridges and Pierian, with a mission to accelerate the discovery, development, and delivery of life-changing insights
.Velsera provides software and professional services for
:AI-powered multimodal data harmonization and analytics for drug discovery and developmen
tIVD development, validation, and regulatory approva
lClinical NGS interpretation, reporting, and adoptio
nWith our headquarters in Boston, MA, we are growing and expanding our teams located in different countries
**!
What will you d**
o?Compliance & Governan
**A.
Requireme**
ntsWhat do you bring to the tab
le?· Experien
ce:Minimum of 8+ years of progressive experience in Information Security GRC, with a focus on risk management, compliance, and governan
ce.Proven, hands-on experience driving and maintaining ISO 27001 certification progra
ms.Deep practical knowledge and experience of implementing security controls ensuring compliance in a technical, cloud-centric environme
nt.Strong technical competency in Cloud Security (AWS, Azure, or GCP) and related cloud-native security servic
r).
Soft Sk
illsProficiency in written and verbal communication skills with the ability to translate complex security and compliance requirements / controls into clear action
ableStrong project management and organizational skills to handle multiple, simultaneous audit and compliance initiati
ves.A collaborative and proactive mindset, with the ability to influence and lead cross-functional teams without direct author
ity.Bene
fitsFlexible Work & Time Off - Embrace hybrid work models and enjoy the freedom of unlimited paid time off to support work-life bala
nce.Health & Well-being - Access comprehensive group medical and life insurance coverage, along with a 24/7 Employee Assistance Program (EAP) for mental health and wellness supp
ort.Growth & Learning - Fuel your professional journey with continuous learning and development programs designed to help you upskill and g
row.Recognition & Rewards - Get recognized for your contributions through structured reward programs and campai
gns.Engaging & Fun Work Culture - Experience a vibrant workplace with team events, celebrations, and engaging activities that make every workday enjoya
ble.& Many Mor
e...
Startup jobs. A lot of them.
Your next opportunity is in here somewhere. Sign up to explore 70,000+ startups and their open roles. No spam. No gamification. Just jobs.
70,000+
Startups
83,000+
Open Roles
4,700+
New This Week
Mobile Developer
ContractRotterdam, NL
Contract • Rotterdam, NL
Technical Writer
InternshipBerlin, DE
Internship • Berlin, DE
Mobile Developer
InternshipBelgrade, RS
Internship • Belgrade, RS
Software Engineer
Full-timeManchester, GB
Full-time • Manchester, GB
AI Researcher
Part-timeHaifa
Part-time • Haifa
Technical Writer
Full-timeCambridge, GB
Full-time • Cambridge, GB
ceDevelop, implement, and maintain comprehensive information security policies, standards, and procedures aligned with the ISO 27001 framewo
rkLead, manage, and mature the organization's Information Security Management System including risk treatment, internal audits, and readiness for external certification audit
s.Serve as the subject matter expert (SME) for Security and Privacy Rules, ensuring compliance for all systems, processes, and applications handling PII and Protected Health Information (PHI
).Conduct continuous monitoring and evidence collection to demonstrate compliance with relevant framework
s.Plan, conduct and manage internal and supplier audi
tsPlan GRC activities, prioritise and implement them in timebound manne
r.Perform detailed security risk assessments and gap analyses on new and existing systems, with a focus on cloud infrastructu
reCollaborate with Product, Technology, IT and Security teams to implement security controls into cloud / infra / environments, ensuring compliance. Provide technical guidance to them on implementing controls and best practices, specifically related to cloud security architecture and configuration
s.Review risk mitigations periodically and track remediation efforts to closur
e.Conduct third-party vendor risk assessments, focusing on their adherence to required compliance standard
s.Develop and deliver targeted security awareness and training programs focused on HIPAA and ISO 27001 requirements for all staff, including technical team
s.Evaluate and recommend new security technologies and processes to enhance the compliance and risk postur
e.Stay current on emerging cloud security threats, regulatory changes, and updates to the ISO 27001 family of standards and HIPA
es.Education: Bachelor's degree in IT, Computer Science or related fie
ld.Certifications (One or more highly preferre
d):CISSP (Certified Information Systems Security Profession
al)CISA (Certified Information Systems Audit
or)ISO 27001 Lead Implementer/Audi
torCCSK (Certificate of Cloud Security Knowledge) or equivalent Cloud-specific security certification (e.g., AWS Certified Security, Azure Security Enginee
