Hearst Health

Security Manager

full-time

Location Type: Hybrid

Location: Tampa, Connecticut, Florida, United States

About the role

  • Lead the company’s SOC 2 Type II and HIPAA compliance initiatives from planning through certification.
  • Develop, draft, and maintain security, IT, and privacy policies aligned with SOC 2, HIPAA, NIST, and other relevant standards.
  • Establish and maintain a security roadmap, including milestones, control gaps, remediation steps, and timelines.
  • Implement, configure, and administer the company’s GRC platform.
  • Map controls, evidence sources, workflows, and automated tests within the GRC tool.
  • Ensure continuous monitoring and automated evidence collection are accurate and functioning.
  • Serve as the primary liaison for external auditors, assessors, and compliance partners.
  • Prepare audit-ready documentation, evidence, and controls for SOC 2 Type II and HIPAA audits.
  • Train internal teams on new policies, procedures, and compliance requirements.
  • Collaborate with Engineering and DevOps to implement technical security controls (e.g., logging, access management, encryption, vulnerability management).
  • Maintain the MarketProminence risk register and ensure timely risk assessments.
  • Stay current with regulatory requirements and industry frameworks (e.g., SOC 2, HIPAA).

Requirements

  • 3–7+ years of experience in security, compliance, IT risk, or a related field.
  • Direct experience with SOC 2 Type II and/or HIPAA compliance initiatives.
  • Strong familiarity with common GRC tools and compliance automation platforms.
  • Experience drafting policies, procedures, and technical security documentation.
  • Ability to manage audits, communicate with auditors, and gather required evidence.
  • Understanding of security best practices (access control, encryption, logging, vulnerability management, cloud security).
  • Excellent organizational, project management, and cross-functional communication skills.
  • Bachelor’s Degree or relevant certifications.

Benefits

  • Medical, vision, and dental plans for full-time employees
  • 401(k) offered with a generous match
  • Benefits begin on first day of the month following employment
  • Exercise/Health Club reimbursement opportunity
  • Monthly dependent care reimbursement opportunity
  • Short-Term and Long-Term Disability
  • Basic Term Life and AD&D Insurance
  • Generous PTO and Company Paid Holidays

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SOC 2 Type II compliance, HIPAA compliance, GRC platform administration, security policy development, technical security controls, vulnerability management, access management, encryption, logging, audit documentation
Soft Skills
organizational skills, project management, cross-functional communication, training, liaison skills
Certifications
Bachelor’s Degree