About Convatec Pioneering trusted medical solutions to improve the lives we touch: Convatec is a global medical products and technologies company, focused on solutions for the management of chronic conditions, with leading positions in Advanced Wound Care, Ostomy Care, Continence Care, and Infusion Care. With more than 10,000 colleagues, we provide our products and services in around 90 countries, united by a promise to be forever caring. Our solutions provide a range of benefits, from infection prevention and protection of at-risk skin, to improved patient outcomes and reduced care costs. Convatec’s revenues in 2024 were over $2 billion. The company is a constituent of the FTSE 100 Index (LSE:CTEC). To learn more please visit http://www.convatecgroup.com Place of work: Remote, Slovakia Wage (gross) and other rewards:  minimum 1300 / monthly (depending on experiences and quality of the candidate) + Annual global incentive plan-bonus and other benefits in compliance with social benefit program of the company Contract type: Fixed-term Start date: by agreementThe role: A technically accomplished Cyber Security Operations Centre Analyst to monitor the organisation’s cybersecurity state, handle incidents during cyber-attacks and assure the continued operations of ICT systems. This role is also responsible for monitoring and assessing Convatec’s systems cybersecurity state. Analyses, evaluates and mitigates the impact of cybersecurity incidents. Key responsibilities and authority - This Role is responsible for the first line response in alert triage and response. - Follow and execute of the Incident Response Plan - Execute procedures related to incident handling - Identify, analyse and escalate cybersecurity incidents - Execute on cybersecurity incidents detection and response effectiveness - Execute incident handling testing techniques. - Document incident results analysis and incident handling actions - Cooperate with Secure Operation Centers (SOCs) and Computer Security Incident Response Teams (CSIRTs) Key requirements - Minimum of 1 years of experience in Cyber Security - Basic knowledge of the following: - Incident handling standards, methodologies and frameworks - Incident handling recommendations and best practices - Incident handling tools - Incident handling communication procedures - Operating systems security - Computer networks security - Cyber threats - Cybersecurity attack procedures - Computer systems vulnerabilities - Cybersecurity-related certifications - Cybersecurity related laws, regulations and legislations - Secure Operation Centres (SOCs) operation - Computer Security Incident Response Teams (CSIRTs) operation Education/ Qualifications Required: - Up to 1 year IT Experience in any of the following IT areas, Networking, Operating systems or fundamentals of Programming. Desirable: - Cybersecurity-related certifications (CompTIA+, CompTIA Security+, CSA) Languages - Speaking: Yes English* - Writing/Reading: Yes English* *additional languages as required or nice to have Working conditions Remote Employee perks, and benefits: Annual global incentive plan-bonus. Corporate culture – Underpinning everything we do are our values: - Improve care - Deliver results - Grow together - Own it - Do what´s right Company: Unomedical s.r.o. (member of the global company Convatec) Priemyselný park 3  071 01 Michalovce, Slovakia Email: job-slovakia@convatec.com convatec.sk | convatecgroup.com | careers.convatec.com #LI-AN1 #LI-Remote Beware of scams online or from individuals claiming to represent ConvaTec A formal recruitment process is required for all our opportunities prior to any offer of employment. This will include an interview confirmed by an official ConvaTec email address. If you receive a suspicious approach over social media, text message, email or phone call about recruitment at ConvaTec, do not disclose any personal information or pay any fees whatsoever. If you’re unsure, please contact us at careers@convatec.com. Dajte si pozor na podvody online alebo od jednotlivcov, ktorí tvrdia, že zastupujú spoločnosť ConvaTec Pred akoukoľvek ponukou práce, sa vyžaduje formálny náborový process, pre všetky naše pracovné príležitosti. To bude zahŕňať, pracovný pohovor potvrdený oficiálnou e-mailovou adresou spoločnosti ConvaTec. Ak Vás osloví podozrivý kontakt cez sociálne médiá, textovú správu, e-mail, alebo telefonát, o nábore v spoločnosti ConvaTec, nezverejňujte žiadne osobné údaje, ani neplaťte žiadne poplatky. Ak si nie ste istí, kontaktujte nás na adrese careers@convatec.com. Equal opportunities ConvaTec provides equal employment opportunities for all current employees and applicants for employment. This policy means that no one will be discriminated against because of race, religion, creed, color, national origin, nationality, citizenship, ancestry, sex, age, marital status, physical or mental disability, affectional or sexual orientation, gender identity, military or veteran status, genetic predisposing characteristics or any other basis prohibited by law. Rovnaké príležitosti ConvaTec poskytuje rovnaké pracovné príležitosti, pre všetkých súčasných zamestnancov a uchádzačov o zamestnanie. Táto politika znamená, že nikto nebude diskriminovaný z dôvodu rasy, náboženstva, vierovyznania, farby pleti, národnostného pôvodu, národnosti, občianstva, pôvodu, pohlavia, veku, rodinného stavu, fyzického alebo mentálneho postihnutia, citovej, alebo sexuálnej orientácie, rodovej identity, vojenského statusu, alebo statusu veterána, genetických predisponujúcich vlastnosti, alebo z akéhokoľvek iného dôvodu, zakázaným zákonom. Notice to Agency and Search Firm Representatives ConvaTec is not accepting unsolicited resumes from agencies and/or search firms for this job posting. Resumes submitted to any ConvaTec employee by a third party agency and/or search firm without a valid written and signed search agreement, will become the sole property of ConvaTec. No fee will be paid if a candidate is hired for this position as a result of an unsolicited agency or search firm referral. Thank you. Upozornenie pre zástupcov agentúr a vyhľadávacích spoločností Spoločnosť ConvaTec neprijíma nevyžiadané životopisy od agentúr a/alebo vyhľadávacích spoločností pre túto pracovnú ponuku. Životopisy predložené akémukoľvek zamestnancovi spoločnosti ConvaTec, treťou stranou, ako sú agentúry a/alebo vyhľadávacie spoločnosti, bez platnej písomnej a podpísanej zmluvy o vyhľadávaní, sa stanú výhradným vlastníctvom spoločnosti ConvaTec. Already a ConvaTec employee? If you are an active employee at ConvaTec, please do not apply here. Go to the Career Worklet on your Workday home page and View "ConvaTec Internal Career Site - Find Jobs". Thank you! Ste už zamestnancom spoločnosti ConvaTec? Ak ste aktívnym zamestnancom spoločnosti ConvaTec, prosím, neaplikujte tadiaľto. Prejdite na stránku pracovných príležitosti, na svojej domovskej stránke Workday a zobrazte si „Interná kariérna stránka spoločnosti ConvaTec – Nájsť pracovné miesta“. Ďakujeme! Only candidates who meet our requirements will be invited for the interview. Data of not selected candidates will be deleted in compliance with GDPR and data protection law. Information about personal data processing of job seekers is located on link: https://www.convatec.com/sk-sk/o-nas/kariera/ Na osobný pohovor budú pozvaní uchádzači, ktorí spĺňajú naše požiadavky. Materiály neoslovených uchádzačov budú v súlade s nariadením GDPR a so zákonom o ochrane osobných údajov skartované. Informácia o spracúvaní osobných údajov uchádzačov o zamestnanie sa nachádza na: https://www.convatec.com/sk-sk/o-nas/kariera/

The HIPAA Subject Matter Expert supports the Health and Human Services (HHS), Office for Civil Rights (OCR) promoting the right to access health information and protection of the privacy and security of this information. These highly trained and highly skilled consultants and analysts are integral to the success and performance of OCR and to further OCR’s mission. Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Technology, Infrastructure & Engineering, Health, Manufacturing, Public Safety, Consulting, and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental – Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays. As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act. ESSENTIAL REQUIREMENTS - Preference will be given to candidates with relevant industry certifications from CISSP, CISM, CIPP/CIPT/CIPT. - Ten (10) years of relevant cybersecurity experience is preferred. - Experience in auditing and generating audit reports is required. - Fundamental knowledge of basic systems analysis. - Knowledge of a broad range of relevant computer systems, applications, and/or related equipment. - Knowledge of computer security procedures and protocol. - Basic knowledge of advanced operating system, network, or application management tasks. - Knowledge of current technological developments/trends in area of expertise. - Knowledge of federal copyright laws as they pertain to the use of computer software. - Ability to integrate emerging technologies and applications into current environment and to identify technical specifications to meet user needs including operating system and network or application configuration. - Ability to identify technical specifications to meet user needs including operating system and network or application configuration. - Skills in planning, organizing, and adapting within a multi-tasking environment. - Strong interpersonal skills, flexibility, and customer service orientation. - Ability to gather facts and data for technical proposals and to expand upon them or develop alternatives and to evaluate emerging technologies and identify their potential impact within the existing environment. - Ability to evaluate emerging technologies and identify their potential impact within the existing environment. - Ability to analyze complex computer problems and provide solutions. - Ability to communicate effectively, both orally and in writing. - Ability to communicate technical information to non-technical personnel. - Ability to develop and deliver presentations. KEY DUTIES AND RESPONSIBILITIES Essential duties and responsibilities include the following. Other duties may be assigned. - Reviews security and privacy complaints, data breach notification and cybersecurity incident reports and other correspondence and evidence to determine whether complaints, self-reported breaches or breach notification reports indicate non-compliance with the HIPAA Security Rule. Reviews data provided by the healthcare organizations across the nation to assess the overall impact of security and privacy incidents. - Evaluates and determines the technical sufficiency of submissions from HIPAA covered entities and business associates in response to data and documentation requests (i.e. Assessing reports related to security baselines, penetration tests, vulnerability assessments, and digital forensics). - Documents processes, standard operating procedures and system requirements; develops reports summarizing the analysis along with formulating recommendations for OCR to consider for future action. - Develops written reports with technical security analyses, summaries, and recommendations for action, reports on root causes of problems, efficiency, and support needs. - Provides expertise in the development and evaluation of health information privacy policies and technologies, specifically regarding protected health information; deidentified/re-identified health information; limited data sets. - Provides subject matter expert analysis, evaluation, and recommendations based on national security standards (NIST), industry best practices from the International Organization for Standardization and implementation specifications of the HIPAA - Security Rule. - Provides DIN designing, implementing, and managing information security, data protection, and risk management programs, including policies, procedures, and controls for protected health information based on HIPAA requirements. - Provides advisory expertise in the areas of risk analyses, vulnerability assessments, incident response, security architecture, physical security, business continuity and disaster recovery, enterprise mobility, threat intelligence and analysis, security awareness and - online safety, and resolution of highly complex security projects and issues. - Works well with programmers, developers, content managers, and other key personnel in an interactive development situation. EDUCATION/EXPERIENCE Minimum educational experience is a Bachelor’s degree from an accredited university with the focus on Cybersecurity, Computer Science, Information Sciences, or other comparable fields of Study. PHYSICAL DEMANDS Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers printers and light traffic. The physical demands described here are representative of those that must be met by an employee to perform successfully the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. EOE including disability/vet. The estimated pay range for this role is $125K to $135K, with the final offer contingent on location, skillset, and experience. CNI offers a comprehensive benefits package that includes: - Medical - Dental - Vision - 401(k) - Family Planning/Fertility Assistance - STD/LTD/Basic Life/AD&D - Legal-Aid Program - Employee Assistance Program (EAP) - Paid Time Off (PTO) – (11) Federal Holidays - Training and Development Opportunities Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI).

• Responsible for designing, engineering, analyzing and/or assessing key elements of Intermountain’s cybersecurity program • Supports governance, risk and compliance activities, identity and access management, data, endpoint and application security, infrastructure and network security • Collaborates with project management and business liaising

• Monitor the organisation’s cybersecurity state • Handle incidents during cyber-attacks • Assure the continued operations of ICT systems • Responsible for monitoring and assessing Convatec’s systems cybersecurity state • Analyse, evaluate and mitigate the impact of cybersecurity incidents • Responsible for the first line response in alert triage and response • Follow and execute of the Incident Response Plan • Execute procedures related to incident handling • Identify, analyse and escalate cybersecurity incidents • Execute on cybersecurity incidents detection and response effectiveness • Execute incident handling testing techniques • Document incident results analysis and incident handling actions • Cooperate with Secure Operation Centers (SOCs) and Computer Security Incident Response Teams (CSIRTs)