Information Security And Compliance Manager
Artera
Job highlights
Summary
Join Artera's InfoSec team as an Information Security and Compliance Manager and play a critical role in maintaining our security program and ensuring compliance with regulations like HITRUST, SOC 2, and ISO. You will manage security audits, develop policies, collaborate with cross-functional teams, and oversee penetration testing. This role offers the autonomy to drive the InfoSec program forward and make a direct impact on veterans' healthcare through the VA. The position requires experience with HITRUST audits, governance, risk, and compliance in highly regulated industries, along with hands-on experience with cloud platforms and data classification. A bachelor's degree in STEM is preferred, but additional experience is acceptable. Artera offers a competitive salary, equity, and a variety of benefits.
Requirements
- Bachelor’s degree in STEM preferred; additional experience in lieu of a degree is also accepted
- Experience with HITRUST policy templates and audits, preferably with familiarity in the latest versions (9.6 to 11)
- Proven expertise in governance, risk, and compliance, particularly in highly regulated industries like healthcare
- Hands-on experience with cloud-based platforms (AWS), data classification methodologies, and configuration management tools (e.g., Jamf or Intune)
- Familiarity with directory services for role-based access control and logical/physical security
- Demonstrated ability to manage audits, pentests, and control effectiveness with minimal oversight
- Exceptional problem-solving and collaboration skills
- Strong communication skills, with a knack for making technical language approachable and understandable
Responsibilities
- Manage the full lifecycle of security audits, including HITRUST, SOC 2, and other regulatory requirements
- Conduct gap analyses, compliance verification, and develop remediation strategies
- Create and maintain a library of technical and non-technical policies aligned with our compliance standards
- Collaborate with cross-functional teams (DevOps, DBA, Engineering) to verify processes and controls are effective
- Oversee penetration testing, ensuring findings are addressed effectively
- Lead cybersecurity risk resilience efforts, including identifying and mitigating vulnerabilities
- Interpret and translate complex security and compliance requirements into actionable frameworks
- Mentor the team and help the InfoSec program achieve greater autonomy
- Build strong relationships with auditors, ensuring seamless communication and alignment
- Develop scalable processes for meeting evolving compliance and security requirements
Preferred Qualifications
- Experience with FedRAMP compliance
- Facility security clearance or a strong relationship with auditors
- Sales acumen—knowing when and how to push back effectively
Benefits
- Full health benefits (medical, dental, and vision)
- Flexible spending accounts
- Company paid life insurance
- Company paid short-term & long-term disability
- Company equity
- Voluntary benefits
- 401(k)
- Manager development cohorts
- Employee development funds
- Company holidays
- Winter & Summer break
- Flexible time off
- Employee Resource Groups (ERGs)