Connecting data flow across healthcare so that every patient's experience is optimized.

Security and Compliance Manager

Security EngineerSecurity EngineerFull TimeRemoteTeam 11-50H1B SponsorCompany Site LinkedIn

Location

United States

Posted

112 days ago

Salary

$124K - $145K / year

Bachelor Degree6 yrs expEnglishCloud

Job Description

• Own and maintain the company’s Information Security Management System (ISMS) • Lead annual and recurring compliance certifications (SOC 2, HIPAA, HITRUST) • Respond to customer security questionnaires and due diligence requests • Oversee vendor risk management, including contracts, reviews, and security posture assessments • Manage MSP performance (IT and SOC/MDR) and ensure evidence feeds align with audit requirements • Mentor and guide other Engineers and Stakeholders in evidence collection, reporting, and process maturity • Define, implement, and maintain security policies, standards, and procedures • Serve as the main point of contact for auditors, regulators, and external security partners • Report compliance and risk posture to leadership and the board

Job Requirements

Bachelor’s degree in information security, risk management, or related field (or equivalent experience)
6+ years of experience in security, compliance, or risk management roles, with 3+ years in a leadership capacity
Experience working with SOC 2, HIPAA, and HITRUST frameworks
Experience working in a Cloud-based SaaS Platform
Familiarity with healthcare data security and PHI handling
Experience with Drata's GRC and compliance automation platform
Strong organizational skills and ability to manage multiple audit and certification workstreams
Excellent written and verbal communication skills, with the ability to translate compliance requirements into clear actions for engineering and business teams
Hands-on experience modernizing segregation of duties in a highly regulated environment