Information Security Generalist

We’re looking for an experienced, hands-on information security practitioner to help maintain and improve our information security program. On 4DMedical’s information security team, one day you’ll write code to automate evidence collection, the next you’ll advise our research team on how to securely process patient data. The day after that, maybe you’ll evaluate a potential vendor to ensure they meet our infosec requirements or consult with engineering on the security of their new CI/CD infrastructure. If you enjoy putting broad infosec experience to work every day and jump at opportunities to add to it, then 4DMedical may have a place for you. Why 4DMedical 4DMedical builds software medical devices which help doctors save lives. Our mission is to improve global health by providing unique and non-invasive imaging technologies that enable unprecedented insight into pulmonary function, critical in the analysis and management of respiratory diseases. We measure our impact through the number of lives we touch, and the depth of the benefit we deliver to them. Our commitment to improving the world includes improving the lives of our employees. We offer competitive benefits and a work environment where everyone is treated with respect and dignity. We encourage healthy work/life balance and support employees in times of need. Why this position We’re not a large company, and we don’t have a huge information security team divided into niche specialties. We hire talented infosec people with diverse skillsets who enjoy putting them to good use and give them daily opportunities to do that. While our headquarters is in Melbourne, Australia, about a third of our employees are in the United States, including this role’s manager and skip-level manager. We are a remote-friendly company and welcome applications from anywhere in the U.S.; we also have offices in Los Angeles and Minneapolis for local employees who wish to use them. We are in the early stages of planning and executing substantial improvements to our existing information security program. As part of the team doing that work, you’ll have the opportunity to make a significant difference. Who we’re looking for These qualifications are essential to this position: In-depth understanding of information security principles and frameworks, including cloud, on-prem, and corporate IT Strong written and oral communication skills Bachelor’s degree or greater in a relevant field, or equivalent experience Ability to work independently or in close collaboration with others as appropriate A commitment to treat others with professionalism and mutual respect in all work interactions A profound respect for the importance of internal documentation Flexibility to work later hours on occasion to enable meetings and synchronous conversations with colleagues in Australia (14 hours ahead of U.S. Eastern) Ideal candidates also have most or all of these: 5+ years of relevant experience Linux, macOS, and Windows IT and security experience Experience automating IT or security tasks with modern scripting languages such as Python and PowerShell Experience with security and privacy compliance frameworks such as ISO 27001, SOC 2, FedRAMP, GDPR, C5, and the ACSC Essential Eight Demonstrated ability to succeed as a remote employee If you’re certain you’re the right person for this position, we want to hear from you even if you don’t have all these qualifications!