Information Security Manager

Product Development
- 40 hours / week
- Hybrid/Leiden

As our new Information Security Manager & IT Infrastructure, you will take on a dual role in to maintain and expand Medis’ internal and external hybrid IT infrastructure while ensuring the security of our software products and compliance with information security standards.

**Role description**:

- As our new Information Security Manager & IT Infrastructure, you will take on a dual role in to maintain and expand Medis’ internal and external hybrid IT infrastructure while ensuring the security of the company’s software products and compliance with internationally recognized information security standards. You will be responsible for overseeing the company’s internal network and cloud systems, supporting ISO 27001 and regulatory certifications, and spearheading the further development of our Information Security Management System (ISMS). This role is ideal for someone who thrives in both hands-on operational and strategic tasks in a regulated environment.

Key Responsibilities:

- Develop and maintain IT security strategies aligned with business goals and industry standards.
- Propose and implement strategic (inter)network improvements and evaluate IT vendors for quality and cost-effectiveness.
- Implement and manage the ISMS, ensuring compliance with regulations (e.g., GDPR, HIPAA, ISO 27001) and alignment with the Quality Management System for product development.
- Conduct risk assessments, address security threats, and lead incident response planning.
- Stay current with cybersecurity best practices; deliver training and awareness programs.
- Select and oversee security technologies to support secure software development.
- Maintain and secure Medis’ internal network and telecom infrastructure.
- Install, manage, and expand servers, services, and endpoint security tools (firewalls, antivirus, MDM, RMM).
- Oversee hardware/software services, licenses, and IT subscriptions.
- Support cloud service integration and performance (e.g., Microsoft 365, AWS, Salesforce, Atlassian).
- Develop and maintain Disaster Recovery and Business Continuity systems.
- Provide operational IT support, including helpdesk services across all Medis locations.
- Liaise with external IT specialists to resolve complex issues and deliver technical solutions.
- Coordinate responses to customer inquiries related to information and cybersecurity aspects.

**The profile we are looking for**:

- Relevant professional certifications (e.g., CISSP, CISM, CEH).
- Proven experience in IT security, preferably in a software development environment.
- Experience in designing and maintaining an ISMS.
- Experience with the certification process under ISO 27001.
- Experience in the biomedical field or medical device industry is an asset.
- In-depth knowledge of GDPR, HIPAA, NIST, NIS2, and other relevant security standards and regulations.
- Extensive knowledge of Microsoft technologies; Linux/Mac experience is an asset.
- Strong knowledge and hands-on experience with TCP/IP, network technologies, Microsoft server products, and security infrastructure.
- Proven experience with firewalls, internet servers, and security policy implementation.
- Practical experience with MDM and RMM platforms.
- Familiarity with ISO standards related to IT and information security (e.g., ISO 27001).
- Experience with cloud services (e.g., Microsoft 365, Salesforce, AWS, Atlassian).

**Personal skills and competences**:

- Analytical, structured, and detail-oriented.
- Able to work independently with high levels of accountability.
- Strong interpersonal and communication skills, across both technical and non-technical teams.
- Flexible, service-oriented mindset with a proactive attitude.
- Comfortable navigating between hands-on tasks and high-level strategic planning.

**What Medis offers you**:

- An opportunity to contribute to meaningful innovation in healthcare.
- A collaborative, international, and mission-driven team.
- A competitive compensation package, with hybrid working setup.
- A pension plan, with strong employer contribution.
- The option to purchase additional vacation days.
- A role where your impact is visible, valued and truly matters.

Applications from recruitment agencies will not be considered. While we appreciate your interest, we handle our hiring internally and are not engaging with external recruiters for this role.

**Who are we?**:
At Medis we believe in empowering medical professionals with our innovative analytical solutions. Our software aims to provide our customers with the insights they need to definitively diagnose and treat cardiovascular disease, at the right time, in the right place.

For more than 30 years cardiologists, radiologists, researchers and industry partners worldwide have relied on Medis software, resulting in customers in more than 40 countries. Our headquarters are in Leiden, Netherlands, but we have subsidiaries and branch offices in the USA, Japan, Germany and t