Security and Compliance Manager

Rezilient is rethinking primary care by blending virtual provider visits with technology, aiming to make healthcare more accessible for patients. As the company grows, new specialty services are added and care delivery continues to evolve, always keeping patient well-being as the top priority. Role overview The Security and Compliance Manager leads Rezilient’s governance, risk, and compliance functions. This position manages essential frameworks and certifications, including SOC 2, HIPAA/HITECH, and HITRUST. The role involves maintaining security policies, coordinating audits, and ensuring vendors meet established standards. Key responsibilities Oversee the implementation and ongoing management of security and compliance frameworks Manage certifications and audits, such as SOC 2, HIPAA/HITECH, and HITRUST Develop and update security policies and procedures Monitor vendor compliance with Rezilient’s requirements Collaborate with product, engineering, clinical operations, and IT teams Integrate security and compliance into product development, care delivery, and internal systems Location This is a remote role based in the United States.

Join Filevine, a pioneering Legal AI company, as we redefine the future of legal work through Legal Operating Intelligence. Our innovative platform integrates data, documents, workflows, and teams into a cohesive system, ensuring clarity and consistency in modern legal operations.At the heart of our solutions is LOIS, the Legal Operating Intelligence System, which transforms legal processes from reactive to proactive. LOIS intelligently analyzes data to provide valuable insights, streamline complexities, and empower professionals with the knowledge and confidence to excel. Our commitment to excellence has garnered accolades and recognition from Deloitte and Inc., establishing Filevine as one of the fastest-growing and most innovative technology firms in the nation.Position Overview:We are seeking a dedicated Security Compliance Manager to strengthen our Information Security team. In this role, you will be responsible for ensuring that our platform, applications, and infrastructure meet the highest security and compliance standards, thereby safeguarding and enhancing customer trust. If you are a driven, detail-oriented professional with a passion for security and compliance, we invite you to explore this exciting opportunity to be part of a world-class team.

The Security and Compliance Manager plays a pivotal role in enhancing our organization's information security framework. This position is tasked with leading initiatives in compliance, risk management, vulnerability management, and daily security operations. The ideal candidate will be responsible for designing and implementing effective security protocols, guiding policy formulation, ensuring adherence to applicable regulations, managing potential security threats, and maintaining an optimal security posture on a daily basis. This individual will also mentor and coach IT and security personnel, fostering a culture of proactive security awareness within the organization.

ABOUT THE ROLE:Join Tapcheck as the Security and Compliance Manager, where you will spearhead initiatives aimed at safeguarding our organization and enhancing customer trust through effective governance, risk management, and compliance strategies. This pivotal role is dedicated to ensuring our compliance status remains robust, managing audits and assessments, and fostering collaboration among teams to uphold security and privacy standards.This hybrid position requires in-office attendance three days a week (Tuesday to Thursday).Key Responsibilities:Oversee governance, risk, and compliance programs, ensuring alignment with SOC 2 Type II, CCPA, GDPR, and other relevant frameworks.Manage external audits, including evidence collection and control testing across the organization.Lead customer assurance activities, such as responding to security questionnaires and due diligence requests.Maintain and update policies, risk registers, and monitoring activities for ongoing compliance.Coordinate vendor security reviews and manage third-party risk assessments.Collaborate with internal teams to integrate compliance controls into operational processes.Ensure the trust portal and customer documentation are always current and accurate.Identify and implement opportunities to streamline and automate Governance, Risk, and Compliance workflows.

Join Hive as a Security Compliance Manager and take the lead in enhancing our security framework. Collaborate with engineers and auditors to ensure compliance with industry standards such as ISO and SOC, as well as federal regulations. You will own the execution of our Information Security program, focusing on improving personnel screening compliance and risk monitoring. Your role will require effective communication with technology and business leaders across all levels, driving consensus among stakeholders to ensure security controls are effective and remediated as necessary.

tagup seeks a Security & Compliance Manager (ISSO / FSO) based in New York, NY. This position centers on protecting information systems and ensuring the company meets all required compliance standards. Key responsibilities Lead security projects from planning through implementation Oversee risk management activities to identify and address vulnerabilities Collaborate with teams across the company to improve security practices Focus areas Safeguarding information systems Maintaining compliance with relevant standards This role requires both technical expertise and strong communication skills to coordinate efforts across departments and keep security at the forefront of company operations.

Join Our Mission: HealthVerity is on the lookout for a meticulous and experienced Security Compliance Program Manager to elevate our Security team. This pivotal role focuses on ensuring our information systems align with essential compliance standards, including FedRAMP, HIPAA, and other healthcare regulations. You will collaborate with both Security team members and cross-functional departments to implement robust security controls, taking a risk-aware and cost-efficient approach while continuously monitoring and assessing these controls. Your Responsibilities: Craft, document, and uphold FedRAMP-specific policies, procedures, and controls. Assist in maintaining FedRAMP compliance by developing System Security Plans (SSP), collecting evidence, and generating reports. Partner with internal teams to manage the continuous monitoring (ConMon) program, including vulnerability reporting, tracking Plans of Action and Milestones (POA&Ms), and creating ConMon artifacts. Work alongside internal teams to formulate and enforce policies that satisfy compliance obligations. Engage with third-party assessors to execute security evaluations and audits. Conduct risk assessments for third-party vendors. Lead security training programs and phishing awareness campaigns. Undertake periodic risk assessments and audits to verify adherence to applicable regulatory frameworks. Who You Are: You prioritize security in all aspects of your work. You excel in guiding with empathy and simplifying complex security concepts for non-expert audiences. You possess exceptional communication, interpersonal, and leadership abilities. You are knowledgeable about HIPAA, NIST 800-53, and other security compliance frameworks. You have a track record of leading components of information security audits. You stay informed about security trends and threats, able to convey these topics clearly to non-security professionals. You have hands-on experience with cloud security architectures and best practices for AWS (or equivalent for GCP/Azure). You are proficient in scripting (Shell, Python) and favor automation for evidence collection.

Join CoreWeave as a Technical Program Manager specializing in Security Compliance. In this pivotal role, you will oversee and drive security compliance initiatives across our technical programs. Your expertise will ensure that we adhere to industry standards and best practices, thereby safeguarding our infrastructure and data integrity.

At DNSFilter, our mission is to safeguard our customers and partners with exceptional products! We are transforming the landscape of network security by delivering fast, precise, and dependable threat protection and content filtering solutions. As a rapidly expanding company, we are committed to fostering a safer internet for businesses and organizations globally. Utilizing AI-powered threat intelligence, DNSFilter enables our customers to proactively block threats before they disrupt their networks. We cultivate a collaborative, innovative, and results-driven culture where every team member plays a vital role in our mission to enhance internet safety. As we continue to grow through innovative product enhancements, we are searching for a passionate Security & Compliance Analyst to lead our compliance initiatives and engage in hands-on security operations. This hybrid role consists of approximately 70% Governance, Risk, and Compliance and 30% Security Operations. You will be instrumental in maintaining our compliance framework while also delving into projects related to access management, device posture, and security observability. This position is not just about drafting policies that go unread; you will collaborate closely with our security team, engage with real systems, and make tangible improvements to our security posture. We welcome candidates with experience in fast-paced, small to mid-sized SaaS start-ups or scale-ups. This is a full-time position, preferably for candidates located in the United States. We understand that individuals bring diverse experiences and skills beyond technical requirements. If this role resonates with you, we encourage you to apply. We value diversity of experience and believe that a combination of skills and passion drives innovation and excellence. Therefore, we invite applicants from all backgrounds to apply!

Role overview The Information Security Compliance Manager at Rebuild Manufacturing plays a central role in protecting company data and ensuring ongoing compliance with information security standards. This position shapes security policies, manages risk, and keeps compliance activities in line with industry regulations. What you will do Conduct risk assessments to find and address security vulnerabilities Develop and update strategies for both regulatory and internal compliance Collaborate with teams throughout the organization to implement security controls Requirements Proven experience in information security and risk management Understanding of compliance frameworks and relevant industry regulations Comfort working with both technical and non-technical colleagues This role is based in the United States.

Join ClassWallet, a trailblazer in financial technology, as our Director of Security and Compliance. We empower public agencies to efficiently manage public funds through our innovative solutions. Our platform ensures that funds are allocated correctly, maximizing their impact and supporting compliance with policy requirements.With a proven track record of processing over $3.5 billion across 33 states, ClassWallet’s digital wallet solution is rapidly becoming the go-to resource for state and local agencies, earning accolades as one of the fastest-growing companies in the sector.We believe in making a profound social impact through our work. Our mission-driven culture fosters an environment of gratitude and work-life balance, allowing our employees to thrive both personally and professionally.Role Overview: The Director of Security and Compliance is an essential position within our organization, reporting directly to the Chief Legal Counsel. This role demands expertise in government security frameworks and is responsible for achieving and maintaining critical government certifications. You will work closely with Product and Engineering teams to ensure our solutions fulfill the stringent FedRAMP/GovRamp requirements from initial development through to deployment.

**This position is contingent upon contract award**SOSi is on the lookout for a dedicated Security & Compliance Administrator to play a pivotal role in supporting mission objectives. This position involves a structured approach to developing, integrating, and maintaining a scalable, federated data ecosystem, aimed at enhancing interoperability, governance, and mission-driven analytics for our Department of Defense (DoD) clientele.Key Responsibilities:Oversee and validate Kubernetes and data lake deployments to ensure compliance with Risk Management Framework (RMF), NIST 800-53, and DoD IL4/IL5 standards, collaborating with agency cybersecurity teams.Develop and maintain continuous monitoring dashboards while performing vulnerability scans on deployed infrastructure and workloads, thereby aiding the agency’s Authority to Operate (ATO) process and overall risk posture.Draft and update essential system security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms), reflecting updates to architecture, controls, or risk conditions.Implement and enforce encryption, logging, and identity access policies (IAM, RBAC, audit logging) to ensure robust traceability and accountability throughout the Kubernetes-based data architecture.Compile the Security & Compliance Assessment Report, providing a detailed summary of control effectiveness, findings, and suggested remediation actions.

About UsAt Sierra, we are pioneering a platform designed to enhance human connections in customer experiences through advanced AI technologies. Our headquarters is in San Francisco, with expanding offices in Atlanta, New York, London, France, Singapore, and Japan.Our culture is defined by essential values: Trust, Customer Obsession, Craftsmanship, Intensity, and Family. These principles guide our actions and are integral to our success.Our co-founders, Bret Taylor and Clay Bavor, bring extensive experience from leading roles at OpenAI, Salesforce, Facebook, and Google, among others.What You Will DoOversee independent audits and compliance programs, including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA, and other relevant frameworks.Lead the definition of project scope, conduct readiness assessments, engage auditors, plan remediation efforts, and report to executives.Gain a comprehensive understanding of Sierra’s Conversational AI Platform, model providers, and cloud architecture. Collaborate with Platform and Agent Engineering teams to implement controls across diverse cloud environments.Create and maintain a centralized library of security controls aligned with compliance, regulatory, and customer requirements. Continuously evaluate control effectiveness, identify vulnerabilities, prioritize risks, and drive remediation efforts to enhance our security posture.Establish and enforce security baselines for cloud infrastructure, containerized workloads, Kubernetes, identity management, encryption, logging, and network security. Work alongside engineering teams to integrate security measures into configuration and change management processes.Develop and manage automated compliance workflows leveraging AI, infrastructure as code, and security tools to optimize efficiency and assurance of controls.

Role overview Live View Technologies, Inc. is hiring an Information Security Manager specializing in Governance, Risk, and Compliance (GRC) at its American Fork, Utah office. This position leads the creation and management of security policies, focusing on regulatory compliance and the protection of company IT assets and data. Key responsibilities Develop and maintain information security policies and procedures Monitor compliance with applicable regulatory standards Protect IT systems and ensure data integrity Lead the risk management framework and identify potential vulnerabilities Collaborate with teams throughout the organization to implement and enforce security protocols Perform risk assessments and recommend actions to strengthen security measures

Who We AreAt CarGurus (NASDAQ: CARG), we empower people by simplifying their journey to car ownership. Our story began with a passionate team of developers dedicated to bringing trust and transparency to the automotive marketplace. Over the years, our innovative approach and rapid market growth have positioned us as the largest and fastest-growing automotive marketplace, maintaining profitability for over 15 years.What We DoAs the automotive industry evolves, so do we. We are transforming the entire car buying experience online, assisting our customers from selling their old vehicles to financing, purchasing, and delivering new ones. Each month, millions of consumers visit CarGurus.com, and approximately 30,000 dealerships leverage our solutions. Our employees thrive in a people-first culture that promotes kindness, collaboration, and innovation, and provides the tools necessary for career advancement. Join us as we disrupt a trillion-dollar industry with fresh, diverse perspectives!Role Overview:As the Manager of Security Governance, Risk, and Compliance (GRC) within our Information Security team, you will play a pivotal role in the evolution of our established GRC function. You will not only maintain our program but also enhance our capabilities to ensure that security acts as a catalyst for our business success, converting complex regulatory demands into a competitive edge.Your strategic leadership will focus on high-standard execution while emphasizing Revenue Enablement, ensuring our security posture alleviates friction in the enterprise sales cycle and strengthens our reputation as a trusted partner.How You’ll Make a Difference:Lead an established team to elevate our GRC maturity, developing and refining our Integrated Management System (IMS) across standards such as ISO 27001, 27017, 27018, and SOC 2 Type II.Modernize our risk reporting through quantitative risk management, moving beyond traditional qualitative assessments to deliver real-time, data-driven insights and financial risk forecasts grounded in FAIR principles.Act as a key contributor on our AI Governance Committee, facilitating the secure implementation of AI/LLM features within our products and overseeing AI integration governance across our internal SaaS ecosystem in alignment with ISO 42001.Position GRC as a driver of revenue by enhancing our compliance and risk functions, ensuring our security trust posture promotes global growth and instills confidence in our stakeholders.

Join our dynamic team at SV Tech Systems Inc. as a Security Manager / PCI Compliance Manager. In this pivotal role, you will oversee our security protocols and ensure compliance with PCI standards. Your expertise will be essential in safeguarding sensitive data and enhancing our security framework.

DoorDash is looking for a Senior Security Compliance Specialist based in the United States (remote) to help maintain and improve security standards across the organization. Role overview This position focuses on ensuring that DoorDash’s security practices meet industry standards and comply with relevant regulations. The Senior Security Compliance Specialist will partner with teams from different departments to identify and assess risks, implement necessary compliance measures, and monitor ongoing security efforts. What you will do Collaborate with cross-functional teams to evaluate and address security risks Implement compliance processes and controls to meet regulatory requirements Monitor and review DoorDash’s security posture on a continuous basis Requirements Experience in security compliance or a related field Strong understanding of industry standards and regulatory frameworks Ability to work effectively with teams across different functions

Join Bask Health as the Head of Compliance (HIPAA) and Security, where you will play a pivotal role in ensuring our organization adheres to regulatory standards and protects sensitive information. Your expertise will help shape our compliance strategy while fostering a culture of security and risk management.

CreditGenie seeks a Security Governance, Risk, and Compliance (GRC) Manager based in Plymouth Meeting, PA. This role centers on safeguarding the company’s information assets by applying effective security practices and providing oversight. Key Responsibilities Ensure the organization complies with all applicable regulatory requirements. Lead and coordinate risk assessments throughout the company. Create and update security policies to address emerging and existing threats. What We’re Looking For The ideal candidate has a background in security governance, risk management, and compliance. A strong commitment to protecting organizational data is essential for this position.

Join Blackpoint Cyber as a Security Compliance Analyst and play a vital role in ensuring our cybersecurity compliance framework is robust and effective. In this fully remote position, you will collaborate with cross-functional teams to audit and enhance security policies, ensuring adherence to industry standards. Your analytical skills will be pivotal in identifying potential vulnerabilities and recommending solutions to mitigate risks.