Compliance

• Compliance & Regulatory Oversight: Ensure adherence to regulatory and industry standards relevant to clients (e.g., HIPAA, PCI-DSS, SOC 2, CMMC, GDPR, NIST CSF, ISO 27001).
• Policy & Documentation: Develop, implement, and maintain security compliance policies, standards, and procedures for both internal operations and client environments.
• Risk & Incident Management: Partner with security and service delivery teams to identify, assess, and mitigate compliance risks.
• Global Privacy Program: Design, implement, and manage a global privacy program that ensures compliance with data protection laws and regulations (e.g., GDPR, CCPA, HIPAA, PIPEDA, LGPD).
• Mergers & Acquisitions Oversight: Lead security and compliance due diligence activities during M&A processes.
• Third-Party Vendor Risk Management: Establish and maintain a third-party vendor risk management program.

Compliance Specialist

Compliance Manager – E&S Insurance

Compliance Analyst II

Senior Manager, IT GRC

Senior Compliance Associate

Healthcare Compliance Consultant