Director, Information Security Compliance

2 days ago


Manifold

Machine Learning • Artificial Intelligence • Healthcare • Life Sciences

Description

About Manifold:

• As the amount of biomedical data types and scale continues to grow, old ways of working with data hold back the pace of progress — fragmented data, overwhelming omics, complex manual work, analysis backlogs, friction in secure collaboration, and barriers to distributing workflows.
• We had a conviction about how to move us closer to a future of precision medicine by making it ten times faster and one-tenth the cost to generate knowledge, develop better treatments, and improve patient outcomes.
• And so Manifold began its journey. We are a health research infrastructure company that enables researchers to focus on the high-impact research that matters most, by taking care of all the other stuff that gets in the way.

About the Role:

• We are seeking an experienced Director, Information Security Compliance to lead and run our IT & Security compliance program.
• This role will report directly to the CISO and operate compliance assurance activities for internal operations and our product.
• The ideal candidate will be adept at navigating complex regulatory environments while working collaboratively with engineering, IT, legal, and other cross-functional teams.
• This role is pivotal in ensuring that our organization adheres to a range of security standards, including HIPAA/HITRUST, ISO27001, SOC2, and FedRAMP.
• We are rapidly growing so our compliance processes also need to be designed for scale to meet future needs.

What You’ll Do:

• Manage the Compliance Program: Oversee and improve the compliance framework and ensure effective operation of compliance processes and controls to ensure sustained adherence to multiple security standards (SOC 2, HIPAA/HITRUST, ISO 27001, NIST, FedRAMP, etc.) and customer requirements
• Strategic Alignment: Work closely with the CISO to align compliance efforts with business goals, providing key support in executing a robust compliance strategy
• Collaboration: Partner with engineering, IT, legal, and other stakeholders to embed compliance requirements into operational and product development processes, including SDLC, third-party management, risk assessments and incident response
• Broad Security Standards Focus: Oversee compliance efforts across a variety of standards and frameworks, addressing current needs while preparing for long-term business objectives
• Hands-On Execution: Actively manage compliance-related activities, including responding to customer compliance requests, policy development, control implementation, gap analyses, and audit readiness
• Decision-Making: Own and drive compliance-related decisions, ensuring timely, effective, and scalable solutions with supporting project and communication plans
• Audit and Certification Support: Facilitate internal and external audits and maintain our customer-facing trust documentation, thus ensuring organizational readiness
• Training and Awareness: Promote compliance awareness by developing and delivering training programs for team members
• Risk Management: Identify and mitigate compliance risks while ensuring the program evolves with the regulatory landscape.

Requirements

• Bachelor’s degree in a relevant field (e.g., Information Security, IT Risk Management, Computer Science, or related)
• 8+ years of experience in IT/security compliance, IT risk management, or information security roles, with hands-on program leadership
• Strong knowledge of security frameworks and regulations, including SOC 2, HIPAA/HITRUST, FedRAMP, ISO 27001, NIST, and others
• Proven ability to collaborate across technical and non-technical teams, with excellent communication skills
• Experience designing and operating compliance programs with a continuous improvement approach
• Hands-on expertise in drafting policies, implementing controls, and leading audit readiness efforts
• Project management skills with the ability to prioritize and execute multiple initiatives simultaneously
• Experience in a high-growth, technology company
• Familiarity with IT risk management aspects of cloud service models and architectures
• Certifications such as CISSP, CISM, CISA, or equivalent are preferred
