ABOUT ORGANOX:

OrganOx is an innovative, fast-paced, global medical device company with a mission to save lives by making every donated organ count. We are a commercial stage organ technology company, spun out of the University of Oxford in 2008, committed to improving transplantation outcomes throughout the world. The company’s first product, the OrganOx metra® normothermic machine perfusion (NMP) system for liver transplantation, has been used to support more than 5,000 liver transplant operations globally. As part of our ongoing expansion, we seek a motivated Cybersecurity Specialist to join our IT team.

POSITION SUMMARY

As Cybersecurity Specialist, you will play a crucial role in securing our IT systems and providing specialist cybersecurity services to our staff around the world.
We are seeking a flexible and innovative team player with a positive attitude and a hands-on approach who can help us mature our cybersecurity capability and introduce new controls and policies to meet a range of existing and future governance and compliance scopes. This role requires a mix of strategic, technical and people skills to help OrganOx deliver positive impact to many patients lives. This is a great opportunity to help build cybersecurity services and continuously improve cybersecurity at OrganOx.
This is a flexible, on-site role in Oxford.
Listed below are the major responsibilities of the role and a brief description of some of the key tasks to be performed. This list is not totally exhaustive.

SKILLS & EXPERIENCE

• Minimum 5 years proven experience as a Cybersecurity Specialist or similar role.
• In-depth knowledge of security frameworks, protocols, and best practices including, but not limited to Cyber Essentials, CE+, SOC2, SOX ITCG, GDPR, NIST, HIPAA, ISO27001 especially relating to US companies.
• Engaging with customers, vendors and regulatory agencies.
• Experience in using security tools and software to diagnose cybersecurity incidents, especially MS.
• Experience in security and compliance audits.
• Strong analytical and problem-solving skills.
• Experience within a Security Operations Centre would be an advantage.
• Experience conducting penetration tests would be a plus.
• Excellent communication and teamwork abilities.

QUALIFICATIONS

• Cybersecurity experience within a medical device manufacturer, or life science organization is preferred, especially within an FDA regulated environment.
• Ideally CISSP, or CISM qualified, other relevant security certifications such as, CEH, CISA, GCIH, SSCP, GSEC, CompTIA Security+ may be considered.
• Microsoft Security certifications or equivalent knowledge are a bonus, we operate MS365 / Azure.
  A job description does not imply that the duties stated are the only ones to be performed by the job holder. Job holder will be required to follow any other job-related instruction as reasonably requested by their line manager or their designate.

Under direction from the IT Operations Manager the Cybersecurity Specialist will be responsible for:

• Act as cybersecurity subject matter expert within the OrganOx IT team and named cybersecurity contact for OrganOx
• Develop and implement security policies, protocols, controls and procedures.
• Monitor network activity for security breaches and investigate violations.
• Lead internal response to security incidents and provide thorough documentation, working with the external SIEM service. This may sometimes require working outside of UK hours.
• Organise and perform regular security audits and risk assessments.
• Achieve and maintain compliance to a growing number of compliance scopes including, but not limited to Cyber Essentials, CE+, SOC2, SOX ITCG, GDPR, NIST, HIPPA and others.
• Support customer interactions that call upon specialist cybersecurity input.
• Stay updated with the latest cybersecurity trends and technologies, and risks.
• Adhere to the letter and spirit of OrganOx’s Code of Conduct and all other company policies