Security Governance Program Manager

Imagine Pediatrics

full-time

Posted on: 9/3/2025

Location: 🇺🇸 United States

✨ AI Apply

💰 $110,000 - $140,000 per year

Mid-LevelSenior

About the role

Serve as a key subject matter expert (SME) for governance, risk, and compliance within Imagine Pediatrics' information security team.
Support the implementation and ongoing program management for HITRUST r2 certification.
Maintain Imagine Pediatrics' security policies, standards, and procedures.
Lead and enhance the third-party/vendor risk management program.
Administer the security GRC toolset, including the enterprise risk register.
Coordinate and drive internal security risk assessments and auditing activities.
Collaborate with business and clinical teams to ensure effective ePHI management.
Respond to third-party security and privacy diligence requests.
Work with external auditors and partners on security certifications and attestations.

BS degree in computing, information security, or a related field. MS degree preferred.
5+ years of information security GRC or audit experience accepted in lieu of a degree.
Strong experience implementing and maintaining a HITRUST r2 program.
Working knowledge of healthcare industry security and privacy regulations (HIPAA, HITECH).
Experience with SOC 2, ISO 27001 and NIST security frameworks.
Industry certifications preferred, such as CRISC, CISA, CISM, or ISO 27001 Lead Auditor.
Prior experience supporting security in healthcare companies.
Experience with compliance automation tools like Hyperproof, Drata or Vanta is a plus.
Highly organized, motivated, and capable of working independently as a self-starter.
Excellent communication skills, with the ability to translate complex compliance requirements for technical and business audiences.