Security Compliance Program Manager

full-time

Posted on:

Location Type: Hybrid

Location: New York City, New York, United States

Salary

💰 $90,000 - $115,000 per year

About the role

  • Own the compliance calendar, including timelines, milestones, check-ins, and recurring evidence collection across SOC 2, ISO 27001, and HITRUST.
  • Drive audit readiness end-to-end by maintaining compliance roadmaps, dependencies, and deliverables to ensure work stays on track throughout the year.
  • Operate Thoropass day-to-day by assigning evidence requests, sending reminders, maintaining clean artifacts, managing dashboards, and supporting basic workflows and access as needed.
  • Coordinate audit activities by tracking auditor requests, managing deadlines, and ensuring responses are complete, accurate, and submitted on time.
  • Partner cross-functionally with IT, Engineering, Product, HR, Legal, and Operations to assign ownership, align expectations, and drive follow-through.
  • Draft, update, and maintain security and compliance policies and procedures that align required controls with real operational practices.
  • Create new security and compliance policies as needed to support evolving business practices, audit requirements, and control gaps, ensuring policies are practical, clear, and aligned with how the company actually operates.
  • Run compliance operations by managing policy review cycles, control narratives, version control, and evidence consistency across frameworks.
  • Track findings and remediation by logging gaps, assigning owners and due dates, and validating closure and remediation evidence.

Requirements

  • 4+ years of experience in program management, compliance coordination, security operations, or a similar cross-functional role
  • Strong familiarity with SOC 2; exposure to ISO 27001 and/or HITRUST (hands-on experience is a plus, not required)
  • Solid project and program management fundamentals, including task tracking, dependency management, and stakeholder follow-up
  • Excellent documentation skills and attention to detail (naming conventions, versioning, evidence quality)
  • Experience drafting and maintaining policies and procedures aligned to operational reality
  • Experience using compliance tools such as Thoropass, Drata, or Vanta (Thoropass preferred)

Benefits

  • Full suite of health insurance options, in addition to generous paid time off
  • Pre-planned company-wide wellness holidays
  • Retirement options
  • Health & charitable donation stipends
  • Impactful Business Resource Groups
  • Flexible work hours & the opportunity to work from anywhere
  • The opportunity to work with leading biotech and life sciences companies in an innovative industry with a mission to improve healthcare around the globe

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

program management, compliance coordination, security operations, task tracking, dependency management, documentation skills, policy drafting, evidence collection, audit readiness, remediation tracking

Soft skills

attention to detail, cross-functional collaboration, stakeholder management, communication, organizational skills