Security and Compliance Manager

2 months, 1 week ago
Full-time
Senior
Legal
Rezilient Health

Rezilient Health

Rezilient Health provides direct primary and specialty healthcare services tailored for employers, focusing on delivering unlimited access to care through innovative platforms like CloudClinics and telehealth, all for a single employer fee, while prior...

Health Care Providers & Services
11-50
Founded 2016

Description

  • Develop, implement, and maintain the security and compliance program aligned with company goals and regulatory requirements.
  • Lead certification and attestation efforts, including SOC 2 audits, HITRUST readiness, and related healthcare security frameworks.
  • Create, maintain, and enforce security and compliance policies, standards, and procedures across the organization.
  • Oversee governance activities such as risk assessments, internal audits, compliance reviews, KPI tracking, and executive reporting.
  • Own the third-party and vendor risk management program, including security assessments, monitoring, and contract support with legal and procurement.
  • Oversee incident response governance, including response planning, cross-functional coordination, and regulatory reporting when needed.
  • Maintain the enterprise risk register and track remediation efforts through completion.
  • Coordinate security awareness and compliance training programs and measure their effectiveness.
  • Partner with Product and Engineering to embed security and compliance into the product lifecycle, feature reviews, and architecture decisions.
  • Work with Clinical Operations, IT, Growth/Sales, and Client Success to support compliance, security requests, and customer-facing due diligence.

Requirements

  • Bachelor’s degree in cybersecurity, IT, risk, or compliance, or equivalent experience; advanced degree is a plus.
  • 5–10 years of experience in security or compliance within healthcare, digital health, or SaaS/cloud environments.
  • Strong familiarity with SOC 2, HITRUST, HIPAA/HITECH, ISO 27001/27002, and NIST CSF.
  • Experience working cross-functionally with engineering, product, IT, and clinical or operational teams.
  • Hands-on experience with audits, external assessors, and certification processes.
  • Strong knowledge of third-party risk management, incident response, and security governance.
  • Excellent communication skills with the ability to translate technical and compliance risks into business impact.
  • Relevant certifications such as CISSP, CISM, CISA, or CRISC are strongly preferred.

Benefits

  • Competitive compensation with stock options.
  • Generous PTO.
  • Paid family leave.
  • Comprehensive medical, dental, vision, and life insurance.
  • Supportive, collaborative, and diverse team environment.
  • Opportunity to shape the future of healthcare and make a meaningful impact.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Medical Affairs Consultant

Hire Digital 51-250 Internet Software & Services

Hire Digital is seeking a Medical Affairs Consultant – Claims Substantiation to review and strengthen the claims matrix for RADIESSE® and ULTHERAPY® with a focus on APAC evidence and compliant claim language.

16 hours, 56 minutes ago

Compliance Analyst - Freelance AI Trainer

Mindrift.ai: Be the “I” in AI Internet Software & Services

Mindrift is seeking part-time, project-based compliance and regulatory specialists to help test, evaluate, and improve AI systems for leading tech companies.

17 hours, 11 minutes ago

Compliance Analyst - Freelance AI Trainer

Mindrift.ai: Be the “I” in AI Internet Software & Services

Mindrift is seeking project-based compliance and regulatory specialists to evaluate AI systems by creating and documenting regulation-based test cases for financial and legal use cases.

1 day, 16 hours ago

Compliance Analyst - Freelance AI Trainer

Mindrift.ai: Be the “I” in AI Internet Software & Services

Mindrift is seeking project-based compliance and regulatory contributors to test, evaluate, and improve AI systems by documenting regulation-based cases and verified citations for financial and legal compliance scenarios.

1 day, 16 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers