Company hidden
4 hours ago

Security Program Manager (Healthtech)

Work format
remote (United States/Canada only)
Employment type
fulltime
Grade
middle/senior
English
b2
Country
US/Canada
Vacancy from Hirify Global, a list of international tech companies
Job description

TL;DR

Security Program Manager (Compliance/Healthtech): Building a lean, automation-first compliance program that adapts to security and privacy requirements, with an emphasis on SOC 2, HIPAA, and AI-enabled health data protection. Focus on executing compliance operations, driving vendor risk management, and implementing automation in compliance workflows.

Location: Remote (Must be based in the US or Canada)

Company

hirify.global is an AI operating system for health designed to empower people to live 100 healthy years through proactive, data-driven insights into human biology.

What you will do

  • Execute SOC 2 Type II and HIPAA compliance operations, including evidence collection and audit readiness.
  • Maintain a unified control framework mapping SOC 2, HIPAA, and future frameworks like HITRUST.
  • Drive vendor and third-party risk management, including onboarding reviews and BAA/DPA tracking.
  • Partner with Sales and Legal to support business deals through security questionnaires and contractual agreements.
  • Identify and implement automation opportunities for compliance workflows, such as access certifications and vendor reviews.
  • Coordinate privacy operations, including data retention, deletion, and member data requests.

Requirements

  • 4–7 years of experience in compliance, GRC, or risk management, ideally in SaaS or healthtech.
  • Strong knowledge of SOC 2 and HIPAA; familiarity with GDPR, CCPA/CPRA, or HITRUST.
  • Experience supporting audits end-to-end and preparing documentation for external parties.
  • Ability to translate regulatory requirements into engineer-friendly tickets and communicate tradeoffs to stakeholders.
  • Familiarity with compliance automation tools (Vanta, Tugboat Logic, ConductorOne) and cloud environments (Okta, GCP, GitHub).
  • Must be based in the US or Canada.

Nice to have

  • Experience with healthcare data protection or supporting privacy programs in regulated industries.

Culture & Benefits

  • Competitive salary and benefits package.
  • Flexible working hours and a dynamic work environment.
  • Culture of ruthless prioritization and radical ownership.
  • Commitment to diversity and inclusive workforce.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.