Security Manager
Share
Job Location:
Monthly Salary:
Posted on:
11 hours ago
Vacancies:
1 Vacancy
Job Summary
TheSecurity Manager will lead implement and maintain our security privacy and certification programs for MarketProminence. This role will be responsible for designing and operationalizing SOC2 compliant policies managing our GRC platform coordinating audits ensuring readiness for external assessments and serving as a key resource for client security requests. This Security Managerwill work as an individual contributor cross-functionally with Engineering Security HR and Operations teams to ensure our controls are well-designed consistently implemented and documented in alignment with regulatory requirements and industry best practices.
Key Responsibilities:
Certification Program Development
- Lead the companys SOC 2 Type II and HIPAA compliance initiatives from planning through certification.
- Develop draft and maintain security IT and privacy policies aligned with SOC 2 HIPAA NIST and other relevant standards.
- Establish and maintain a security roadmap including milestones control gaps remediation steps and timelines.
GRC Tool Ownership
- Implement configure and administer the companys GRC platform.
- Map controls evidence sources workflows and automated tests within the GRC tool.
- Ensure continuous monitoring and automated evidence collection is accurate and functioning.
- Work with MarketProminence team to correct any findings.
Audit & Certification Management
- Serve as the primary liaison for external auditors assessors and compliance partners.
- Prepare audit-ready documentation evidence and controls for SOC 2 Type II and HIPAA audits.
- Coordinate and track internal control testing and remediation actions.
- Maintain readiness for annual recertification and surveillance audits.
Policy & Process Implementation
- Train internal teams on new policies procedures and compliance requirements.
- Collaborate with Engineering and DevOps to implement technical security controls (e.g. logging access management encryption vulnerability management).
- Ensure proper implementation and documentation of administrative physical and technical safeguards required for HIPAA.
Client Security Requests
- Manage client and prospect security questionnaires.
- Maintain standardized responses and supporting documentation.
- Participate in security review calls with clients as needed.
Risk Management & Internal Oversight
- Maintain the MarketProminence risk register and ensure timely risk assessments.
- Oversee third-party vendor security evaluations and monitoring.
- Participate in incident response planning tabletop exercises and post-incident reviews.
- Monitor and report on compliance KPIs and risk posture to leadership.
Continuous Improvement
- Stay current with regulatory requirements and industry frameworks (e.g. SOC 2 HIPAA).
- Recommend and implement improvements to enhance the companys security and compliance posture.
- Evaluate and introduce new tools processes and automation opportunities.
Skill Requirements:
- 37 years of experience in security compliance IT risk or related field.
- Direct experience with SOC 2 Type II and/or HIPAA compliance initiatives.
- Strong familiarity with common GRC tools and compliance automation platforms.
- Experience drafting policies procedures and technical security documentation.
- Ability to manage audits communicate with auditors and gather required evidence.
- Understanding of security best practices (access control encryption logging vulnerability management cloud security).
- Excellent organizational project management and cross-functional communication skills.
Education/Certification Requirements:
- Bachelors Degree or relevant certifications
Additional Competency Requirements:
- Experience in a SaaS cloud-native or healthcare IT environment.
- Knowledge of AWS Azure or other cloud security frameworks.
- Experience with HITRUST ISO 27001 or NIST frameworks.
- Relevant certifications (e.g. CISSP CISA CISM HCISPP Security CCSFP).
- Successful candidate must be able to successfully complete a background check and drug screening.
At MHK we help health plans and pharmacy benefit managers deliver optimal care management across every members health journey. We do this through state-of-the-art technology that provides critical insights from member enrollment and maintenance through every stage of care and compliance. We believe that long-term partnerships are built on trust. Our team members are expected to build trusted advisory relationshipswith MHK clients and one anotherthrough responsive transparent communication while honoring commitments and tying that trust to outcomes.
Benefits Snapshot:
Medical vision and dental plans for full time employees
401(k) offered with a generous match
Benefits begin on first day of the month following employment
Exercise/Health Club reimbursement opportunity
Monthly dependent care reimbursementopportunity
Short Term and Long-Term disability
Basic Term Life and AD&D Insurance
Generous PTO and Company Paid Holidays
EQUAL OPPORTUNITY EMPLOYER - VETERANS/DISABLED. Always be aware of Recruitment Fraud
Required Experience:
Manager
Key Skills
- Crisis Management
- IDS
- FedRAMP
- ICD Coding
- Military Experience
- PCI
- Business Management
- Conflict Management
- NIST Standards
- Security
- Information Security
- Encryption
About Company
Hearst Television (HTV) owns and/or operates 35 television and two radio stations serving 27 media markets across 39 states reaching over 22 million U.S. television households. HTV is recognized as one of the industry's premier broadcasting companies and has been honored with numerous ... View more
