GE Healthcare
Senior Compliance Analyst (Cybersecurity & Privacy)
Ensure compliance with security and privacy regulations and frameworks such as HIPAA, ISO 27001, ISO 27701, ISO 27017, ISO 27018, GDPR, and other relevant standards.
Develop, implement, and maintain compliance policies, procedures, and controls in partnership with Product, Security, Privacy and Legal teams.
Conduct risk assessments, audits, and gap analyses to ensure compliance with industry standards and regulatory requirements.
Liaise with internal and external auditors and regulatory bodies to support certifications and assessments.
Monitor emerging regulatory changes and assess their impact on the organization.
Work closely with engineering, security, and privacy teams to integrate compliance requirements into system architectures and processes.
Translate compliance controls into technical requirements for cloud and infrastructure teams.
Support DevSecOps initiatives to ensure security and compliance in CI/CD pipelines.
Provide guidance on data protection strategies, encryption, access controls, and security best practices to GEHC Product Teams.
Lead cross-functional compliance projects, ensuring alignment with business objectives and technical feasibility.
Work with engineering teams to develop automated compliance monitoring solutions.
Collaborate with legal, security, privacy, and Product teams to drive a unified compliance strategy.
Communicate compliance objectives and updates to senior leadership and key stakeholders.
Support compliance efforts in cloud environments (AWS) and assess security risks related to cloud adoption.
Assist in security incident response and remediation efforts related to compliance.
Bachelor’s or Master’s degree in Information Security, Computer Science, Law, or a related field.
5+ years of experience in compliance, security risk management, or a related field.
Strong knowledge of ISO 27001, ISO 27701, ISO 27017, ISO 27018, GDPR, NIST 800-53 and other security/privacy regulations.
Technical understanding of cloud security, encryption, IAM, DevSecOps, and network security.
Experience translating compliance controls into technical and operational requirements.
Strong project management skills, with experience leading compliance initiatives.
Excellent stakeholder communication and collaboration skills.
Experience working in a cloud-based environment (AWS, Azure, or GCP) is an advantage.
Relevant certifications such as CISSP, CISM, CIPP/E, ISO 27001 Lead Auditor/Implementer are an advantage.
Fluent English
GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.
Inclusion & Diversity statement
GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.
Additional Information
Relocation Assistance Provided: No