Serve as an IS&T Program Expert and Accreditor, evaluating security and technology systems across the federation and conducting PCI DSS compliance activities.
Conduct risk assessments and technical analyses to identify non-compliance with NIST CSF and HIPAA Security, and manage corrective actions.
Communicate professionally with technical and non-technical stakeholders to ensure timely project management and education on compliance requirements.
Coordinates and administers privacy and compliance programs to ensure adherence to regulatory requirements.
Partners with internal teams to interpret requirements, implement compliant solutions, and monitor activities.
Develops policies, tracks corrective actions, and supports audits to maintain program effectiveness.
Capital Blue Cross is a health insurance company that improves the health and well-being of members and communities. It is an independent licensee of the Blue Cross Blue Shield Association and has been voted a 'Best Place to Work in PA' by employees.
Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.
Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.
Manage ISACA's credentialing program policies and ensure compliance with ISO/IEC 17024:2026 standard.
Design and implement controls to mitigate risks associated with exam IP and certification fraud.
Oversee credentialing policy-driven activities and collaborate with internal teams to maintain exam integrity.
ISACA champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 195,000+ members with knowledge, credentials, training and network.
Consult onsite and remotely with customers to collect and analyze data related to policies, infrastructure, and compliance requirements.
Perform gap analyses of current environments and recommend remediation steps.
Assist with sales and marketing activities as a subject matter expert and prepare industry presentations.
CampusGuard provides information security and privacy consulting and compliance services for campus-based organizations. It is a full-service firm leveraging industry standards to deliver world-class security and compliance services.
Provide support on regulatory compliance requirements and conduct gap assessments of business unit procedures against global policies.
Collaborate with Legal, Information Security, and business teams to manage compliance risks and support regulatory exams.
Maintain an understanding of business processes, products, and services while participating in exams as a subject matter expert.
Experian is a global data and technology company operating across financial services, healthcare, automotive, and more. With 25,200 employees across 32 countries, they have an award-winning, inclusive, and purpose-driven culture.
Develop and maintain the enterprise IT GRC strategy, framework, and roadmap, presenting updates to executive leadership.
Lead enterprise IT risk assessments, maintain risk registers, and oversee remediation efforts.
Ensure compliance with regulations like NIST, ISO 27001, SOC, PCI-DSS, HIPAA, GDPR, and SOX.
Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, the company supports data centers, healthcare, and industrial facilities where uptime is non-negotiable.
Support implementation and operation of the Compliance Program, including conflict of interest, compliance hotline, and regulatory reviews.
Serve as liaison for compliance questions and incidents, and recommend corrective actions and education opportunities.
Work with all levels to ensure internal controls provide accurate, complete, and compliant processes.
Cooper University Health Care is a healthcare organization dedicated to providing extraordinary health care and fostering clinical innovation. It offers competitive compensation, comprehensive benefits, and opportunities for professional growth.
Partner with the CISO to drive security strategy, roadmap, and execution across application security, GRC, and operations.
Support compliance initiatives including PCI, SOC 2, ISO 27001, DORA, and FedRAMP readiness.
Serve as a trusted security leader in customer-facing settings, translating technical risks into business language.
Sardine is the leading agentic risk platform for fighting financial crime, integrating data across risk teams to stop fraud and automate AML operations. With over 6 billion profiled devices and 800 million consumers, we maintain a remote-first culture that values performance over hours worked.
Provide quality customer service and monitor compliance mailbox for client requests.
Prepare written responses to security inquiries and handle due diligence questionnaires.
Support audit activities and coordinate with departments on policy development and remediation.
TierPoint provides information security and compliance solutions. The company fosters a collaborative, team-oriented culture with a focus on confidentiality and accuracy.
Work with team members to assess DIB organizations' compliance with CMMC regulations.
Collect and examine evidence, observe, test, and analyze results to score OSC practices.
Generate preliminary report findings and finalize assessment reports.
Coalfire Federal is a cybersecurity consultancy providing independent advice, assessments, and cyber engineering to Federal agencies. With over 20 years of experience and offices in the US and Europe, it fosters a culture of passionate problem-solvers.
Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.
Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.
Serve as a subject matter expert on Canadian consumer protection and payment regulations, providing advisory support to Product, Legal, Risk, and Operations teams.
Oversee Canadian regulatory reporting, lead compliance risk assessments, and evaluate control effectiveness to ensure program alignment.
Maintain and enhance Canada-specific policies, procedures, and control documentation while partnering cross-functionally on remediation efforts.
Affirm is reinventing credit to make it more honest and friendly, offering consumers the flexibility to buy now and pay later without hidden fees or compounding interest. We are a global fintech company with a remote-first culture, dedicated to delivering honest financial products.
Support compliance monitoring, investigations, and audits to ensure adherence to TEFCA, HIPAA, and information blocking regulations.
Utilize Databricks, SQL, and AI tools to analyze data exchange activity and prepare compliance reports and dashboards.
Collaborate with Legal, Security, and Engineering teams to develop policies, maintain compliance documentation, and foster regulatory excellence.
Health Gorilla is a national interoperability and health information exchange company dedicated to improving healthcare through secure, standards-based data sharing. As a designated Qualified Health Information Network (QHIN) under TEFCA, it connects healthcare organizations nationwide and operates as a growth-stage company with a collaborative, compliance-focused culture.
Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
Lead risk assessments, control testing, and enterprise risk management processes.
Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.
Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.
Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
Conduct security risk assessments, evaluate controls, and track remediation plans.
Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.
Build and mature a best-in-class compliance program aligned with OIG guidance and industry standards.
Draft, implement, and refresh compliance policies, training, and monitoring initiatives.
Manage HCP engagement programs, including FMV assessment and regulatory compliance.
Mineralys Therapeutics is a clinical-stage biopharmaceutical company focused on developing medicines to target hypertension and related comorbidities. It is headquartered in Radnor, Pennsylvania, and operates as a fully remote company.
Conduct hands-on compliance audits of digital platforms against global privacy regulations such as GDPR, CCPA, and COPPA.
Design and execute independent audit methodologies to test user protections, content moderation, and data handling practices.
Present detailed findings and strategic recommendations to clients and their leadership through executive briefings.
Coalfire solves clients' hardest cybersecurity challenges through advisory, assessment, and automation. They are a team of passionate problem-solvers with offices across the US and UK.
Manage and conduct internal and external compliance audits for frameworks like ISO, SOC, and NIST.
Work with global teams to implement and update compliance controls, policies, and training.
Stay updated on regulatory changes and perform gap analysis to maintain certifications.
QAD is building a world-class SaaS company that solves real-world problems in manufacturing and supply chain. They are a growing, virtual-first company with a collaborative culture that values idea-sharing and growth.
Serve as a trusted compliance advisor for DoD contractors, guiding them through NIST SP 800-171, CMMC 2.0, and DFARS requirements from gap analysis to audit readiness.
Conduct recurring strategy meetings, review implementation progress, translate complex regulations into practical recommendations, and collaborate with client leadership.
Prepare professional assessment reports, maintain compliance documentation, deliver training, and support clients through ongoing compliance management and SPRS submissions.
On Call Computer Solutions is a nationwide leader in cybersecurity, compliance, and managed IT services for Department of Defense contractors. Since 2003, they have helped organizations meet DFARS, NIST SP 800-171, and CMMC requirements with an award-winning team.
Manage the Compliance and Security workstream within a telecom transformation program, coordinating SOC 2, ISO/IEC 27001, and GDPR readiness activities.
Build and maintain the workstream plan with milestones, deliverables, and RAID logs, while driving evidence collection and control-owner alignment.
Facilitate workshops, track remediation across multiple domains, and ensure alignment with adjacent program streams and governance forums.
Miratech helps visionaries change the world as a global IT services and consulting company supporting digital transformation for large enterprises. With nearly 1000 professionals operating across 25+ countries and a 99% project success rate, their culture emphasizes relentless performance and growth.