Security & Compliance Manager

TALON•Portsmouth, NH

81d•Onsite

About The Position

TALON is seeking a Security & Compliance Manager to lead the company’s information security, compliance, and internal IT governance programs. This role will be responsible for maintaining and strengthening TALON’s SOC 2 security framework, HIPAA compliance program, anti-money laundering (AML) and financial risk oversight, and internal security controls, while supporting the company’s growing technology and regulatory requirements. This is a hands-on leadership role that combines security governance, compliance oversight, and operational IT security management. The Security & Compliance Manager will report to the Chief Security Officer for operational strategy with a functional dotted line to the Board of Directors. They will work closely with engineering, operations, and leadership to ensure TALON maintains a strong security posture and regulatory compliance.

Requirements

5+ years of experience in information security, compliance, or governance roles
Experience managing SOC 2 compliance programs
Familiarity with HIPAA security and privacy requirements
Experience working in technology, SaaS, or healthcare technology environments
Understanding of security frameworks such as SOC 2, NIST, or ISO 27001
Experience working with engineering teams on security controls
Strong organizational and program management skills
Ability to translate regulatory requirements into practical security controls
Strong communication skills across technical and non-technical teams
Comfort operating in a hands-on, fast-growing company environment

Nice To Haves

Experience serving as a security or compliance lead in a growing technology company
Familiarity with cloud infrastructure security (AWS preferred)
Experience supporting healthcare data environments
Experience with vendor risk management programs
Experience supporting security audits and regulatory reviews

Responsibilities

Lead TALON’s information security program
Monitor and improve the organization’s security controls, processes, and policies
Manage security incident response planning and procedures
Oversee vulnerability management and security monitoring
Conduct periodic security risk assessments
Partner with engineering to support secure development and infrastructure practices
Own and maintain TALON’s SOC 2 compliance program
Coordinate with external auditors during annual SOC 2 assessments
Maintain and update security policies, procedures, and internal controls
Manage HIPAA security and privacy compliance
Support vendor risk management and third-party security reviews
Respond to client security questionnaires and due diligence requests
Oversee and maintain TALON’s internal IT security environment to ensure secure operations across company systems and networks.
Manage identity and access management processes
Perform regular access reviews and privilege management
Maintain secure employee onboarding and offboarding procedures
Oversee endpoint security and device management
Manage and maintain internal network security infrastructure, including: Firewall configuration and monitoring, SFTP endpoints, Office Wi-Fi security, VPN access controls for remote connectivity, Network access policies and security monitoring
Ensure appropriate logging, monitoring, and system security controls are in place
Oversee TALON’s anti-money laundering (AML) and financial risk oversight related to the company’s healthcare rewards program
Maintain AML policies and escalation procedures
Coordinate with financial institutions and vendors responsible for payment processing
Support sanctions screening and fraud risk monitoring processes
Maintain TALON’s security awareness and training program
Educate employees on security best practices and compliance requirements
Promote a culture of security awareness across the organization