Security Governance Program Manager - Remote

Overview

The Security Governance Program Manager will oversee the implementation and management of a HITRUST program, coordinating security risk management and vendor due diligence for Imagine Pediatrics.

In Short

• Serve as a key subject matter expert for governance, risk, and compliance.
• Support HITRUST r2 certification implementation.
• Maintain security policies, standards, and procedures.
• Lead third-party/vendor risk management program.
• Administer the security GRC toolset.
• Coordinate internal security risk assessments and audits.
• Collaborate with teams for effective ePHI management.
• Respond to third-party security diligence requests.
• Work with auditors on security certifications.

Requirements

• BS in computing, information security, or related field; MS preferred.
• 5+ years of information security GRC or audit experience.
• Strong experience with HITRUST r2 program.
• Knowledge of healthcare security regulations (HIPAA, HITECH).
• Experience with SOC 2, ISO 27001, and NIST frameworks.
• Industry certifications preferred (CRISC, CISA, CISM).
• Prior experience in healthcare security.
• Experience with compliance automation tools (Hyperproof, Drata, Vanta) is a plus.
• Highly organized and self-motivated.
• Excellent communication skills.

Benefits

• Base salary range of $110,000 - $140,000 plus annual bonus.
• Competitive medical, dental, and vision insurance.
• Healthcare and Dependent Care FSA; Company-funded HSA.
• 401(k) with 4% match, vested 100% from day one.
• Employer-paid short and long-term disability.
• Life insurance at 1x annual salary.
• 20 days PTO + 10 Company Holidays & 2 Floating Holidays.
• Paid new parent leave.
• Additional benefits detailed in offer.