Security Risk and Compliance AnalystJob LocationsUnited States-OH-CincinnatiCategoryIT Infrastructure & SupportJob SummaryMedpace is one of the leading Clinical Research Organizations in Healthcare. We seek an experienced Information Security Compliance Analyst with experience in auditing and compliance activities, substantial diligence, and can manage projects autonomously. You will be part of the Information Security team that secures the company's digital infrastructure by designing, implementing, and improving Medpace's cybersecurity architecture. You will also ensure compliance with Information Security frameworks, regulations, and data privacy authorities.ResponsibilitiesPerform SOX, SOC2, and GxP audits;Drive organizational alignment to the NIST Cyber Security Framework and perform annual reviews;Mature an organizational risk management program;Help advance the supply chain security evaluation program;Develop and modify corporate information security policies and procedures, including writing, reviewing, and updating policy documents;Evaluation of customer information security requirements within contracts to ensure compliance;Complete customer security questionnaires and help maintain an information security question/answer database;Perform customer-facing security presentations; andSupport the development of Information Security training.QualificationsMinimum of bachelor's degree, preferably in Information Technology.Minimum of two years of experience in Information Security auditing or compliance activities.Auditing and policy writing experience.Understanding of security best practices and how to implement them business-wide.Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2.Vendor risk management platforms (Security Scorecard, BitSight, Black Kite, etc.).Experience with a security information and event management system (SIEM) for audit.Medpace OverviewMedpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries.Why Medpace?People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today.The work we've done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future.Cincinnati PerksCincinnati Campus OverviewHybrid work-from-home options (dependent upon position and level)Competitive PTO packages, starting at 20+ daysFlexible work hoursDiscounted tuition for UC online programsCompany-sponsored employee appreciation eventsEmployee health and wellness initiativesCommunity involvement with local nonprofit organizationsCompetitive compensation and benefits packageStructured career paths with opportunities for professional growthPartnership and discount with onsite childcareDiscounts on local sports games, local fitness gyms and attractionsOfficial Sponsor of FC CincinnatiModern, ecofriendly campus with