About The Position

WellHive operates a healthcare technology platform under HIPAA, and we're pursuing organization-level certifications including HITRUST and SOC 2 Type 2. We're maturing our corporate IT and security posture across our SaaS and endpoint estate, and we're hiring a program manager to own that effort end to end. You'll drive a roadmap of security hardening initiatives across our SaaS tools, direct the external IT partner(s) who carry out implementation, make and validate the day-to-day technical decisions, and run the testing and rollout. You'll also be the IT/security point person for our org-level audits — owning the corporate-IT control domains, maintaining evidence, and engaging assessors directly. You'll work with leadership on the calls that matter (risk, budget, compliance posture) and own everything below that line. This is a senior, hands-on role. You should be as comfortable in an admin console validating a configuration as you are running a program plan, holding a contractor to a statement of work, or walking an assessor through a control.

Requirements

  • Senior IT/security experience with hands-on IAM and SaaS administration.
  • A track record in a regulated environment (HIPAA, SOC 2, HITRUST, or similar).
  • Experience engaging auditors/assessors and maintaining control evidence (HITRUST CSF or SOC 2 a plus).
  • Experience managing contractors/MSPs to a statement of work.
  • The judgment to make technical security decisions independently.
  • Program management across concurrent workstreams.

Nice To Haves

  • Google Workspace and/or Okta administration depth; DLP and device-management (Jamf / Kandji / Intune) familiarity; IaC literacy.

Responsibilities

  • Own a multi-effort IT/security hardening roadmap and drive it to delivered, validated controls.
  • Direct external IT partner(s) on implementation: scope, acceptance, quality.
  • Make and defend implementation and sequencing decisions; escalate risk and budget.
  • Run validation, phased rollout, and user-facing change.
  • Keep the work aligned to HIPAA and to HITRUST / SOC 2 Type 2.
  • Own corporate-IT control domains for our audits, maintain evidence, and engage Assessors.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service