Information Security And Compliance Manager

closed

Artera

💵 $115k-$155k
📍 Remote - United States

Summary

Join Artera's InfoSec team as an Information Security and Compliance Manager and play a critical role in maintaining our security program and ensuring compliance with regulations like HITRUST, SOC 2, and ISO. You will manage security audits, develop policies, collaborate with cross-functional teams, and oversee penetration testing. This role offers the autonomy to drive the InfoSec program forward and make a direct impact on veterans' healthcare through the VA. The position requires experience with HITRUST audits, governance, risk, and compliance in highly regulated industries, along with hands-on experience with cloud platforms and data classification. A bachelor's degree in STEM is preferred, but additional experience is acceptable. Artera offers a competitive salary, equity, and a variety of benefits.

Requirements

  • Bachelor's degree in STEM preferred; additional experience in lieu of a degree is also accepted
  • Experience with HITRUST policy templates and audits, preferably with familiarity in the latest versions (9.6 to 11)
  • Proven expertise in governance, risk, and compliance, particularly in highly regulated industries like healthcare
  • Hands-on experience with cloud-based platforms (AWS), data classification methodologies, and configuration management tools (e.g., Jamf or Intune)
  • Familiarity with directory services for role-based access control and logical/physical security
  • Demonstrated ability to manage audits, pentests, and control effectiveness with minimal oversight
  • Exceptional problem-solving and collaboration skills
  • Strong communication skills, with a knack for making technical language approachable and understandable

Responsibilities

  • Manage the full lifecycle of security audits, including HITRUST, SOC 2, and other regulatory requirements
  • Conduct gap analyses, compliance verification, and develop remediation strategies
  • Create and maintain a library of technical and non-technical policies aligned with our compliance standards
  • Collaborate with cross-functional teams (DevOps, DBA, Engineering) to verify processes and controls are effective
  • Oversee penetration testing, ensuring findings are addressed effectively
  • Lead cybersecurity risk resilience efforts, including identifying and mitigating vulnerabilities
  • Interpret and translate complex security and compliance requirements into actionable frameworks
  • Mentor the team and help the InfoSec program achieve greater autonomy
  • Build strong relationships with auditors, ensuring seamless communication and alignment
  • Develop scalable processes for meeting evolving compliance and security requirements

Preferred Qualifications

  • Experience with FedRAMP compliance
  • Facility security clearance or a strong relationship with auditors
  • Sales acumen: knowing when and how to push back effectively

Benefits

  • Full health benefits (medical, dental, and vision)
  • Flexible spending accounts
  • Company paid life insurance
  • Company paid short-term & long-term disability
  • Company equity
  • Voluntary benefits
  • 401(k)
  • Manager development cohorts
  • Employee development funds
  • Company holidays
  • Winter & Summer break
  • Flexible time off
  • Employee Resource Groups (ERGs)
This job is filled or no longer available