Compliance Program Manager responsible for day-to-day execution of compliance programs at a healthcare data company. Managing SOC 2, ISO 27001, and HITRUST compliance operations with cross-functional coordination.
Responsibilities
Own the compliance calendar, including timelines, milestones, check-ins, and recurring evidence collection across SOC 2, ISO 27001, and HITRUST.
Drive audit readiness end-to-end by maintaining compliance roadmaps, dependencies, and deliverables to ensure work stays on track throughout the year.
Operate Thoropass day-to-day by assigning evidence requests, sending reminders, maintaining clean artifacts, managing dashboards, and supporting basic workflows and access as needed.
Coordinate audit activities by tracking auditor requests, managing deadlines, and ensuring responses are complete, accurate, and submitted on time.
Partner cross-functionally with IT, Engineering, Product, HR, Legal, and Operations to assign ownership, align expectations, and drive follow-through.
Draft, update, and maintain security and compliance policies and procedures that align required controls with real operational practices.
Create new security and compliance policies as needed to support evolving business practices, audit requirements, and control gaps, ensuring policies are practical, clear, and aligned with how the company actually operates.
Run compliance operations by managing policy review cycles, control narratives, version control, and evidence consistency across frameworks.
Track findings and remediation by logging gaps, assigning owners and due dates, and validating closure and remediation evidence.
Requirements
4+ years of experience in program management, compliance coordination, security operations, or a similar cross-functional role
Strong familiarity with SOC 2; exposure to ISO 27001 and/or HITRUST (hands-on experience is a plus, not required)
Solid project and program management fundamentals, including task tracking, dependency management, and stakeholder follow-up
Excellent documentation skills and attention to detail (naming conventions, versioning, evidence quality)
Experience drafting and maintaining policies and procedures aligned to operational reality
Experience using compliance tools such as Thoropass, Drata, or Vanta (Thoropass preferred)
Benefits
Full suite of health insurance options, in addition to generous paid time off
Pre-planned company-wide wellness holidays
Retirement options
Health & charitable donation stipends
Impactful Business Resource Groups
Flexible work hours & the opportunity to work from anywhere
The opportunity to work with leading biotech and life sciences companies in an innovative industry with a mission to improve healthcare around the globe