Analyst Sr. Data Security

Additional Location(s): Costa Rica-Coyol

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.                

About the role:

An exciting IT SOX Compliance Data Security Sr, Analyst opportunity has arisen within the Boston Scientific Cybersecurity Governance, Risk and Compliance (GRC) Team.

This role will focus on maturing and managing the IT SOX Compliance Program. They will collaborate and partner with the Corporate Finance and Accounting teams to ensure the efficiency and effectiveness of the SOX program throughout the company.

The ideal IT SOX Compliance Data Security Analyst 2 is an effective team collaborator, problem solver and IT control specialist who is committed to maturing our ITGC program and providing exceptional risk-based advice and insight to our internal IT stakeholders. This position will primarily be responsible for IT General Controls (ITGCs) in a variety of environments including SAP S4 HANA, Cloud, Infrastructure and Business Systems and Tools. In this highly visible role, the IT SOX Compliance Data Security Sr, Analyst role will assist in the execution of Boston Scientific’s IT SOX Program including conducting walkthroughs, assessing control design, testing control effectiveness, and evaluating deficiencies.

Key responsibilities: 

• Plan, design and execute controls testing, controls assessment and documentation across all domains for IT SOX ITGCs, (PCI DSS) Payment Card Industry, Data Privacy, (HIPAA) Health Insurance Portability and Accountability and other GRC requirements, as appropriate.
• Serve as trusted advisor and cyber security controls subject matter expert; partner with business and IT leaders to ensure the design and effectiveness of the control environment, both operational and technical.
• Support compliance and cyber security audit activities with external auditors and internal control owners to ensure timely and successful completion of audit requirements.
• Coordinate with external auditors on the annual SOX testing plan and the delivery of PBCs and support their efforts as needed.
• Assess, document, and report cyber security risks and control gaps.
• Coordinate remediation efforts, and document exceptions, as necessary.
• Create and execute SOX documentation, including risk and controls matrices and process flowcharts, and evaluate controls as new systems are developed or processes change.
• Responsible for reviewing work papers for quality and to ensure they meet internal and external SOX requirements.
• Provide technical guidance and advice to control owners for remediation of IT-related internal control gaps.
• Track and monitor overall ITGC SOX assessment status for monthly and quarterly reporting to senior management. Ensure all ITGC SOX deliverables are completed, and deadlines are met.

What we're looking for: 

• Bachelor’s degree or equivalent work experience
• 5+ years related experience in Internal Controls.
• Experience with SOX Audit (internal/external)
• Experience with IAM solutions such as Saviynt
• English level 90% or more
• Please submit Resume in English

Preferred qualifications:

• CISA or related Industry Certification
• Experience performing SOC 1 attestations across all control domains.

Requisition ID: 585449

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!

At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. Boston Scientific is proud to be an equal opportunity and affirmative action employer.

Boston Scientific maintains a prohibited substance free workplace. Pursuant to Va. Code § 2.2-4312 (2000), Boston Scientific is providing notification that the unlawful manufacture, sale, distribution, dispensation, possession, or use of a controlled substance or marijuana is prohibited in the workplace and that violations will result in disciplinary action up to and including termination.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status.  Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment.  Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements.   As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.