ISMS Operations Leader

Job Description SummaryAs an Information Security and Privacy Management System Operations Leader at GE HealthCare, you will play a key role in supporting and coordinating the operational delivery of global cybersecurity and privacy frameworks, including ISO 27001, 27701, 27017, and 27018. Working closely with regional teams and senior stakeholders, you’ll help lead day-to-day security operations, contribute to risk assessments and compliance activities, and support continuous improvement initiatives. This role combines hands-on technical expertise with emerging leadership responsibilities, offering opportunities to guide team efforts, drive awareness campaigns, and collaborate across functions to strengthen GE HealthCare’s security posture and regulatory alignment.

Job Description

You will lead and coordinate activities to implement, maintain and continually improve the Management System according to the ISO 27001, ISO 27701, ISO 27017, and ISO 27018 standard requirements. This encompasses leading the resolution of security support requests and topics raised by the regions, delivering and validating security features through close collaboration with the global and region security representatives and global Privacy & Security teams.

In this role, you will:

• Be the integrator and point of contact for cyber security and cyber compliance while facilitating engagement and collaboration from other GE HealthCare Information Security & Infrastructure (IS&I) functional teams.

• Play a leading role in audits activities associated to the management system.

• Be the voice for the regions from a cyber security perspective evaluating business/customer expectations, requirements, & interactions

• Play a leading role in managing the day-to-day global operational tasks, including corrective actions, and continuous improvement initiatives.

• Implement solutions and mitigate gaps to maintain compliance with reliability, privacy, security and regulatory standards.

• Secure GE HealthCare information and assets, and ensure ongoing compliance with regulatory, contractual, and corporate policy requirements.

• Track and complete high profile corrective actions for continuous improvement, in collaboration with teams.

• Contributes to the risk assessments and ensure successful execution of corresponding risk treatments

• Facilitate regional communications and roll out of campaigns on policies, standards, procedures, standard certifications.

• Align with cross functional teams to define & implement data protection and governance processes and technologies.

• Maintain effective working relationships with peers, functional partners, GE HealthCare Business Leaders, and vendors to seamlessly integrate the program area into the overall strategic objectives and activities of the organization.

• Evaluate and apply emerging technologies and regulations

• Demonstrate your domain expertise; you are expected to further your own knowledge and improve productivity of your colleagues with activities such as creating learning content, giving presentations, and supporting a continuous learning culture

Education qualifications

• Bachelor’s degree in computer science or STEM Majors (Science, Technology, Engineering and Math) or similar education.

• Recognized industry leading certifications in relevant areas such as ISO27001 Lead Auditor/Implementer, CISSP, or CISM.

Desired Characteristics

Technical Expertise:

• Command a good understanding and experience in cyber security technologies, ISO27xxx-based Management System, risk management, and compliance concepts and processes.

• Working knowledge on risk assessment, gap analysis, and risk remediation

• Ability to consult stakeholders on alignment of outcomes and desired technical solutions

• Ability to Analyze, design, and develop a solution roadmap and implementation plan based upon a current vs. future state.

• Working knowledge of balancing security and business needs

• Design and deliver security awareness campaign

• Knowledgeable on specialised services catalog within a cybersecurity function and able to discuss proposed solution.

• Experience in project management, lean methodology

Business Acumen:

• Very strong English skills, verbal and written. Additional spoken and written languages other than English is beneficial.

• International and multi-cultural mindset

• Able to articulate the value of what is most important to the business/customer to achieve outcomes

• Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts.

• Demonstrated working knowledge of internal organization

• Anticipate obstacles, identify workarounds, leverage resources, encourage collaboration.

• Demonstrated ability to work with blended teams

• Demonstrated Change Management capabilities

• Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate and influence across all organizational levels

• Proven analytical and problem resolution skills

Inclusion and Diversity

GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

​

Additional Information