Security Manager II

Security Manager II, is a full-time position responsible for leading the governance, risk, and compliance (GRC) program, managing audits, and ensuring compliance with security and privacy regulations in a healthcare technology environment. Key Responsibilities Lead and mature the GRC program across security, privacy, and regulatory compliance functions Drive SOC 2 Type II audit readiness and manage HIPAA compliance programs Build and manage the Third-Party Risk Management program and oversee a team of GRC analysts Required Qualifications 8-10 years of experience in GRC, security compliance, or information security leadership in a healthcare SaaS or regulated health-tech environment Demonstrable ownership of SOC 2 Type II audit cycles Deep knowledge of HIPAA Security and Privacy Rules Hands-on experience with HITRUST CSF assessments Experience with FedRAMP compliance