Source Job

US 4w PTO

  • Lead the development, implementation, and continuous improvement of a comprehensive healthcare privacy and compliance program.
  • Ensure all organizational operations meet and exceed regulatory, governance, and client standards, including HIPAA, HITRUST, SOC2, and Medicare/Medicaid requirements.
  • Proactively identify and mitigate compliance risks across the enterprise.

HIPAA HITRUST Compliance Data Security

20 jobs similar to Senior Manager, Healthcare Privacy and Compliance

Jobs ranked by similarity.

US 3w PTO

  • Ensure adherence to regulations and contractual obligations.
  • Develop and update compliance policies and SOPs.
  • Conduct internal compliance audits and report findings.

Equip is a virtual, evidence-based eating disorder treatment program. They aim to ensure that everyone with an eating disorder can access effective treatment, operating in all 50 states and partnered with most major health insurance plans. Since its founding in 2019, Equip has maintained a fully virtual environment.

US

  • Define and execute compliance program strategy across various domains.
  • Lead enterprise-wide compliance programs with multi-year timelines.
  • Create scalable compliance frameworks and integrate processes across products.

Jobgether connects job seekers with opportunities at partner companies. They use an AI-powered matching process to ensure applications are reviewed quickly and fairly.

US

  • Establish and maintain the organization’s enterprise-wide information security program.
  • Ensure compliance with healthcare and international security standards.
  • Develop and deliver security awareness training to employees.

MIE provides solutions that make a meaningful difference in healthcare. Founded in 1995, MIE serves as the innovation engine for business units that serve hospitals and health systems, physician practices, Fortune 500 employers, government agencies, and consumers.

US

  • Build and mature core elements of Rula’s enterprise Compliance Program.
  • Ensure adherence to federal and state healthcare regulatory requirements across Rula’s clinical operations.
  • Lead compliance risk assessments and internal controls; oversee investigations and corrective action processes.

Rula is dedicated to treating the whole person and aims to create a world where mental health is no longer stigmatized. Rula is a remote-first company that is passionate about making a positive impact on the lives of those struggling with mental health issues.

$96,200–$160,400/yr
US 4w PTO

  • Monitors state and federal regulations and legislation.
  • Ensures compliance with state and federal laws and regulations.
  • Engages legal counsel strategically to support compliance initiatives.

Jobgether helps candidates get hired using AI-powered matching. They connect top-fitting candidates with hiring companies.

US

  • Assist in the development, implementation, and maintenance of compliance programs.
  • Support HIPAA and patient privacy initiatives, including risk assessments.
  • Partner cross-functionally to evaluate compliance and privacy impacts of new initiatives.

Wisp puts healthcare back in patients’ hands by connecting patients with hassle-free sexual + reproductive care online, with discreet and convenient treatment that saves them time, money, and stress. They are a growing, fully-remote team in the United States.

$108,890–$184,028/yr
US

  • Own the end-to-end process for client and prospect security questionnaires.
  • Collaborate with internal stakeholders, managing timelines to ensure accurate responses.
  • Develop and maintain a "Trust Center" to proactively address common security questions.

Included Health is a healthcare company that delivers integrated virtual care and navigation. They aim to break down barriers to provide high-quality care for every person, offering care guidance, advocacy, and access to personalized virtual and in-person care.

Global

  • Lead development of security strategy aligned to client business goals.
  • Guide risk management practices including risk registers and threat modeling.
  • Provide executive-level oversight of regulatory compliance programs.

Jobgether uses an AI-powered matching process to ensure applications are reviewed fairly. Their system identifies the top-fitting candidates and shares this shortlist with the hiring company.

US

  • Coordinate compliance with standards (PCI, HIPAA, ISO 27002, SOC 1/2/3, FISMA/FedRAMP, etc.) under guidance.
  • Maintain evidence repositories and partner with SMEs to refresh artifacts.
  • Coordinate audits and certification efforts, partnering with support teams on timelines and resourcing.

Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), they have a team of 22,500 people across 32 countries.

US 4w PTO 12w maternity

  • Act as the compliance point of contact for new alternate payment model initiatives, providing compliance guidance.
  • Stay informed on legal and regulatory changes, ensuring organization departments align with them.
  • Coordinate across departments to implement compliance mechanisms, meeting contractual commitments.

Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. The final decision and next steps (interviews, assessments) are managed by their internal team.

Europe US

  • Collaborate with cross-functional teams to maintain and improve the company's comprehensive compliance program.
  • Manage the end-to-end audit process for SOC 2 compliance, ensuring timely and accurate completion.
  • Oversee the Information Security Risk Management Program, documenting identified risks and coordinating mitigation efforts.

airSlate is a global SaaS technology company that develops no-code workflow automation, electronic signature, and document management solutions. They have teammates in more than 20 countries across three continents and main hubs in the United States, Poland, Romania, Ukraine and the Philippines.

US

  • Lead and oversee a team on execution of all aspects of regulatory and client audits.
  • Interface with external clients and regulatory bodies to address inquiries.
  • Coordinate across teams to document and ensure timely completion of corrective actions.

We are currently looking for a Compliance Manager - REMOTE. As part of the Audit and Corrections team, the Compliance Manager will oversee audit engagements and corrective actions while driving a culture of compliance throughout the organization.

$126,480–$175,000/yr
US

  • Lead the configuration and management of GRC tools to ensure integration with security systems.
  • Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance.
  • Develop and maintain a comprehensive risk management program and conduct risk assessments.

Engine is transforming business travel into something personalized, rewarding, and simple. Over 20,000 companies rely on Engine to support over 1 million travelers and billions in bookings each year, and it has been recognized as one of the fastest-growing travel and fintech platforms in North America.

US

  • Design and automate Azure security controls.
  • Build “secure‑by‑default” CI/CD and tooling.
  • Lead incident response and ensure compliance with HIPAA, SOC 2, and HITRUST.

IntusCare is dedicated to providing a HIPAA-compliant healthcare platform for vulnerable elderly populations. As a fast-growing startup, they are scaling to support hundreds of customers and prioritize security.

Europe

  • Acting as the primary subject matter expert for all security and compliance inquiries.
  • Taking end-to-end ownership of certification lifecycles, such as ISO 27001 and Cyber Essentials.
  • Working closely with the GRC team to improve existing programs.

Sword Health is shifting healthcare from human-first to AI-first through its AI Care platform, making world-class healthcare available anytime, anywhere. They have over 1,000 enterprise clients and are backed by 42 clinical studies and over 44 patents.

5w PTO

  • Own our information security strategy and build our security roadmap.
  • Maintain our ISO 27001 certification, preparing for SOC 2 readiness.
  • Operate strategically and tactically, developing policy and reviewing cloud configurations.

ApprovalMax is redefining how finance teams manage the Money Out cycle — from purchase orders and supplier bills to employee expense management and payroll. Trusted by 18,000+ businesses worldwide, our platform empowers companies to automate financial controls, ensure compliance, and scale efficiently.

North America

  • Own the 24‑month global security roadmap developed with an external partner; drive planning, resource allocation, cross‑region rollout, milestone tracking, and KPI delivery.
  • Lead the cybersecurity transformation: redesign the security operating model, establish regional capability hubs, hire and upskill teams, and integrate security into engineering and product lifecycles.
  • Modernize security tooling and architecture: define global architecture for IAM, cloud security, vulnerability management, SIEM/XDR, DLP, and secure SDLC integrations; manage vendor selection and lifecycle.

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. With a combination of industry-leading tools, services, and expertise, Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

Global

  • Perform internal audits and vulnerability testing, ensuring security controls are monitored.
  • Lead security architecture governance for internal IT and projects, using Unified Architecture Framework.
  • Maintain compliance with security requirements and develop roadmaps to address evolving threats.

Jobgether is a platform connecting job seekers with companies. It uses AI-powered matching to ensure applications are reviewed quickly and fairly, identifying top candidates for employers.

$137,500–$182,000/yr
US Unlimited PTO

  • Executes enterprise privacy strategy and governance.
  • Embeds privacy-by-design into product and tech.
  • Leads privacy reviews for vendors and partners.

HealthEquity's mission is to save and improve lives by empowering healthcare consumers. They value their employees and strive to make HSAs widespread and popular, connecting health and wealth for American families.

US

  • Define and lead HIM strategy by building scalable processes to fulfill records requests.
  • Define, develop, and maintain standard medical record report outputs responsive to various record & audit request scenarios.
  • Process medical records of patients, checking for compliance with established policy on nomenclature and procedures.

Omada Health inspires and engages people in lifelong health, one step at a time, and has served 1.4 million individuals since 2011. Its workforce is 100% remote, and it is committed to building an inclusive culture where differences are celebrated.