Manager-Information Security Risk & Compliance

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Manager-Information Security Risk & Compliance in United States.

This role is responsible for leading and enhancing enterprise information security risk and compliance activities within a regulated environment. You will oversee the execution of risk assessments, compliance monitoring, and governance processes that ensure alignment with internal policies and external regulatory frameworks. Acting as a key advisor, you will help strengthen security controls, improve risk visibility, and support decision-making across technical and business teams. The position plays a critical role in maintaining audit readiness, including HITRUST and other compliance requirements, while driving continuous improvements in security practices. You will also contribute to reporting and executive-level insights through dashboards, KPIs, and risk metrics. This is a highly collaborative and impactful role within a security-focused organization where precision, accountability, and communication are essential.

• Lead and oversee day-to-day information security risk and compliance activities across enterprise systems and processes
• Maintain, enhance, and manage the risk assessment framework and ensure the accuracy of the enterprise risk register
• Support compliance with regulatory standards, industry frameworks (including HITRUST), and internal security policies
• Conduct internal security audits and assist in third-party control assessments to ensure control effectiveness
• Analyze security risk data and produce dashboards, KPIs, and executive-level reporting for leadership decision-making
• Review exceptions, escalate anomalies, and provide advisory guidance on security risk matters
• Collaborate with security operations, IT, and business teams to streamline processes and improve control effectiveness
• Oversee quality and timeliness of compliance deliverables while supporting team coordination and development
• Support audit readiness activities, including evidence collection and documentation for compliance requirements
• Serve as a subject matter expert providing risk-based recommendations and security guidance across the organization

Requirements:

• Bachelor’s degree in Information Security, IT, Computer Science, Business Administration, or equivalent experience
• Minimum of 5 years of experience in IT, information security, risk management, or IT audit roles
• Strong understanding of information security principles, governance frameworks, and risk management methodologies
• Experience working with security control frameworks, preferably HITRUST or similar regulated environments
• Proven experience conducting internal audits, control assessments, and compliance evaluations
• Strong analytical and critical thinking skills with the ability to interpret complex risk scenarios
• Ability to communicate clearly and effectively with both technical and non-technical stakeholders
• Experience developing reports, metrics, and executive-level presentations using tools such as Excel and reporting systems
• Strong organizational skills with the ability to prioritize, multitask, and manage competing deadlines
• Professional certifications such as CISA or CISSP are strongly preferred
• High level of integrity, attention to detail, and ability to maintain confidentiality in sensitive matters

Benefits:

• Competitive salary range between $89,300 and $149,000 annually depending on experience and qualifications
• Comprehensive medical, dental, and vision insurance coverage
• Fully remote work-from-home structure with provided equipment
• Flexible work environment supporting work-life balance
• Retirement savings plan (401k)
• Opportunities for professional development, training, and industry certifications
• Exposure to regulated, enterprise-scale security and compliance programs