✨ WHY CHOOSE MEDSIR ✨

We are a Barcelona-based fastest-growing company founded by scientific experts 🔬. We are dedicated to the design and management of innovative strategic clinical trials in oncology, from study conception to the publication of study results 💊📃. Together, we create the best strategies that are both clinically relevant and scientifically meaningful 💉. We strive to improve our knowledge of this complex disease and the vast array of available treatments in a fast-innovative way 🚀.

At MEDSIR, you will have the job of your life while working together towards our shared 🌟 mission 🌟 bringing novel treatments to cancer patients worldwide. We welcome top performers that will bring new ideas, diverse perspectives, and provide you the opportunities and freedom to grow and make a real impact ❤ in patients' lives and science... all while having great fun 🎉.

🤓 ABOUT THE OPPORTUNITY

The Information Security Specialist executes and contributes to continuous improvement of information security and system protection across clinical and corporate digital environments. Helps ensure the confidentiality, integrity, and availability of systems and data through the effective operation of an Information Security Management System (ISMS) aligned with regulatory and certification requirements.

The role requires carrying out application access governance activities, including periodic access reviews, vulnerability management, security documentation, and audit readiness to support security certifications and regulatory audits. The Information Security Specialist reports directly to the Digital Environment Director.

🚀 HOW YOU WILL CONTRIBUTE:

• · Operates and continuously improves the Information Security Management System (ISMS) in line with ISO/IEC 27001, including maintenance of required documentation and evidence.

  · Maintains and updates information security policies, standards, procedures, and control documentation under the established governance framework.

  · Performs security risk assessments and risk treatment planning, including tracking remediation actions and supporting ongoing risk monitoring.

  · Executes periodic user and privileged access reviews, including documentation and maintenance of traceable audit evidence.

  · Performs vulnerability management activities for infrastructure, applications, and platforms, including vulnerability scanning, result analysis, risk classification, and remediation tracking to closure.

  · Handle technical security incident handling, including initial analysis and evidence collection.

  · Mantains operational security documentation, inventories, and evidence required for audits and certifications.

  · Executes security incident handling, including initial triage, investigation support, evidence collection, escalation, and follow-up of corrective actions per procedure.

  · Prepares and mantains audit evidence, supporting internal reviews, and coordinating responses for external certifications and regulatory inspections.

  · Contributes to security awareness and training initiatives through development of materials and participation in rollout and internal communications.

  · Implements security controls in collaboration with IT Infrastructure.

  · Ensures alignment with Quality Assurance between information security, data integrity, and regulated system requirements.

  · Prepares security status reporting and risk insights to stakeholders, including escalation of key issues and improvement opportunities as needed.

💪 WHAT DO WE VALUE FOR THIS OPPORTUNITY?

• · Proven experience in information security within regulated or complex environments.

  · Strong knowledge of ISO/IEC 27001, GDPR, and information security governance principles.

  · Experience designing and operating an Information Security Management System (ISMS).

  · Experience supporting internal audits, external certification audits, and regulatory inspections, including preparation of audit evidence

  · Experience with vulnerability management, including vulnerability assessments, risk classification, and remediation tracking.

  · Familiarity with security monitoring activities and security incident handling.

  · CISA/CISM certification.

  · Understanding of GxP principles, data integrity, and regulated IT environments.

  · Ability to conduct and support security risk assessments, audits, and incident response activities, including evidence collection and coordination with technical teams.

  · Strong documentation and policy-writing skills.

  · Experience collaborating with IT, Quality, Data, and Digital teams.

  · Analytical mindset with strong risk-based decision-making skills.

  · Ability to work independently, manage priorities, and communicate effectively with technical and business stakeholders.

  · Fluent English and Spanish.

📢 THE THINGS YOU REALLY WANNA KNOW 😉:

At MEDSIR, we believe that employees today want to evolve in collaborative, high-growth environments where they can demonstrate their abilities and thrive both professionally and personally. We are convinced that employees need to find alignment between their inner values and their company's culture and mission to unlock their full potential. We work to create a culture of empowerment, continuous learning and growth where everyone can bring expertise, own projects and easily measure their impact.

🙌 BENEFITS

🤓 Work with world-renowned clinicians and KOL's on high-level publications and papers.

🚀 Fast growth, we are an early-stage company with a multidisciplinary team and many growth opportunities.

🏡 Work-life balance - hybrid working model and flexible hours focusing on performance rather than office hours.

🎓 Unlimited access to GoodHabitz courses and regular workshops (external & internal) to continue your development.

📚 Opportunities to participate in scientific conferences & events at national and international level.

💉 Private health Insurance (AXA).

🏝 Work-from-abroad policy depending on position and local legislation.

🌏 A young & international team with a company culture focused on development.

☕ Positive, dynamic, and passionate work environment.

💪🏽 Elevate your wellness with Wellhub (formerly GymPass)! One subscription for the best in fitness, mindfulness, therapy, nutrition, and sleep support-all in one place.

💸 "Flexible compensation plan" to help you save taxes and increase your net salary (Cobee).

🎂 A free day on your birthday so you can truly celebrate!

🎉 Unforgettable MEDSIR events and regular get togethers.

👥 Equal employment opportunity, at MEDSIR we proudly pursue a diverse workforce and celebrate our differences.

🌇 A fantastic workplace located in 22@, Barcelona's new hub of innovation.

💻 We work with MacBook computer (Apple).

If you believe you match our values, you are unique and feel ready to make a change, we look forward to meeting you!

🧡 We are committed to fostering a diverse and inclusive workplace, where all individuals are treated with respect and equality, regardless of race, gender, age, religion, disability, or any other characteristic. We believe in providing equal opportunities for all and do not tolerate discrimination in any form.