Security Governance Program Manager

Imagine Pediatrics
$110,000 - $140,000

About The Position

In this newly created role, the Security Governance Program Manager will be responsible for the day-to-day implementation and management of a HITRUST program, as well as coordinating security risk management and vendor due diligence for Imagine Pediatrics. You will serve as a key subject matter expert (SME) for governance, risk, and compliance within Imagine Pediatrics' information security team.

Requirements

  • BS degree in computing, information security, or a related field. MS degree preferred.
  • 5+ years of information security GRC or audit experience accepted in lieu of a degree.
  • Strong experience implementing and maintaining a HITRUST r2 program.
  • Working knowledge of healthcare industry security and privacy regulations (HIPAA, HITECH).
  • Experience with SOC 2, ISO 27001 and NIST security frameworks.
  • Industry certifications preferred, such as CRISC, CISA, CISM, or ISO 27001 Lead Auditor.
  • Prior experience supporting security in healthcare companies.
  • Experience with compliance automation tools like Hyperproof, Drata or Vanta is a plus.
  • Highly organized, motivated, and capable of working independently as a self-starter.
  • Excellent communication skills, with the ability to translate complex compliance requirements for technical and business audiences.

Responsibilities

  • Serve as a key subject matter expert (SME) for governance, risk, and compliance within Imagine Pediatrics' information security team.
  • Support the implementation and ongoing program management for HITRUST r2 certification.
  • Maintain Imagine Pediatrics' security policies, standards, and procedures.
  • Lead and enhance the third-party/vendor risk management program.
  • Administer the security GRC toolset, including the enterprise risk register.
  • Coordinate and drive internal security risk assessments and auditing activities.
  • Collaborate with business and clinical teams to ensure effective ePHI management.
  • Respond to third-party security and privacy diligence requests.
  • Work with external auditors and partners on security certifications and attestations.

Benefits

  • Base salary range of $110,000 - $140,000 in addition to annual bonus.
  • Competitive medical, dental, and vision insurance.
  • Healthcare and Dependent Care FSA; Company-funded HSA.
  • 401(k) with 4% match, vested 100% from day one.
  • Employer-paid short and long-term disability.
  • Life insurance at 1x annual salary.
  • 20 days PTO + 10 Company Holidays & 2 Floating Holidays.
  • Paid new parent leave.
  • Additional benefits to be detailed in offer.