Senior Analyst, Information Security and Governance

Overview M42 delivers comprehensive healthcare services across the full continuum of care; from primary care to advanced specialty treatments. Leveraging cutting-edge health technologies and precision medicine, we ensure the highest standards of effectiveness, efficiency, and patient-centered outcomes. With a global presence spanning more than 480 facilities in 27 countries and a dedicated workforce of over 20,000 professionals, M42 is uniquely positioned to redefine the future of healthcare on a global scale.

This role plays a critical role in leading the organization’s security initiatives and ensuring the protection of all information assets. The role would also be responsible for designing advanced security solutions, managing complex security projects, and mentoring junior security staff. This position demands extensive experience in information security and a deep understanding of evolving cybersecurity threats.

Responsibilities

• Security Strategy Development: Lead the development and implementation of the organization’s information security strategy and roadmap in alignment with business objectives.
• Advanced Risk Management: Perform in-depth risk assessments and vulnerability analyses to identify and mitigate complex security risks. Develop risk management strategies and frameworks.
• Incident Management: Oversee the organization’s incident response process, including detection, analysis, containment, eradication, recovery, and post-incident review. Lead major incident investigations and coordinate with external agencies when necessary.
• Security Architecture: Design and implement advanced security architectures and solutions for the protection of the organization’s information assets. Ensure that security is embedded in the design and deployment of IT systems.
• Leadership & Mentoring: Provide guidance and mentorship to junior security staff, fostering a culture of continuous learning and improvement.
• Compliance & Audit: Ensure that the organization remains compliant with all relevant security regulations and standards (e.g., GDPR, ISO 27001, NIST). Lead security audits and work closely with external auditors.
• Third-Party Management: Evaluate and manage the security posture of third-party vendors and partners. Ensure that third-party risks are identified and mitigated.
• Threat Intelligence: Lead the organization’s threat intelligence efforts, staying ahead of emerging threats, and ensuring the organization is prepared to defend against them.
• Collaboration with Executives: Work closely with the Chief Information Security Officer (CISO) and other executive leaders to communicate security risks and ensure that security initiatives align with business goals.
• Continuous Improvement: Drive continuous improvement in the organization’s security practices through innovation, research, and adoption of new technologies.

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or a related field.

• Atleast 5 years of professional experience in Information Security.

• Experience in risk management, information security, security operations, and security review.

• Must have one of the following industry certification:

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM) or

• Certified Information Systems Auditor (CISA)

• Additional certifications such as CRISC (Certified in Risk and Information Systems Control) or CCSP (Certified Cloud Security Professional) are highly desirable.

• Excellent communication skills with the ability to effectively communicate complex security issues to non-technical stakeholders.