Senior Security Engineer (Compliance and Risk)
Вакансия из Hirify Global, списка международных tech-компанийДля мэтча и отклика нужен Plus
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Security Engineer (Compliance and Risk): Own the governance and compliance lifecycle for vulnerability management, privacy, data retention, and business continuity programs meeting SOC 2, HIPAA, and HITRUST standards. Focus on overseeing remediation efforts, conducting privacy impact assessments, coordinating DR/BCP exercises, and managing audit evidence collection.
Location: New York, NY (Hybrid with weekly office lunches)
Compensation: $150,000 - $185,000 USD
Company
AI-powered virtual care engine partnering with health systems like Mayo Clinic and Cedars-Sinai to modernize primary care.
What you will do
- Oversee vulnerability management compliance, scans, remediation SLAs, and risk exception tracking.
- Manage privacy and data governance including HIPAA, CCPA adherence, data retention, and PIAs.
- Coordinate DR/BCP table-top exercises, update documentation, and review post-mortems.
- Serve as auditor point-of-contact for SOC 2 and HITRUST, collect evidence, and drive gap remediations.
- Handle tracking technologies and partner health system requirements.
Requirements
- 3-5+ years in Information Security, GRC, Vulnerability Management, or IT Audit.
- Proven program management in compliance areas like vulnerability or business continuity.
- Strong communication to translate requirements into engineering tasks.
- Exceptional documentation skills.
- Ability to influence teams without direct authority.
Culture & Benefits
- Hybrid schedule with weekly lunches and stocked fridges.
- Monthly social events.
- 18 vacation days, 9 holidays, 5 sick days, 2 personal days.
- Stock options, 401k, commuter benefits, competitive health insurance.
- Paid parental leave.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →
Похожие вакансии
Manager, Technology Risk & Compliance (Cybersecurity)
Product Security Engineer (Cybersecurity)
Senior Software Engineer, Security (Healthtech)
Senior Product Security Engineer (Cybersecurity)
Senior Director, Data Governance & Privacy Operations (GRC)