Senior Security Engineer - Compliance and Risk

New York, NY

$150,000-$185,000 / year

full-time, senior, Hybrid, healthcare

Description

You will own the governance and compliance lifecycle for security programs, ensuring vulnerability management, privacy, data retention, and business continuity meet SOC 2, HIPAA, and HITRUST standards. You'll collaborate with engineering teams to implement remediation and maintain audit readiness.

Requirements

  • 3-5+ years in Information Security, GRC, Vulnerability Management, or IT Audit
  • Proven experience managing compliance verticals like vulnerability management or business continuity
  • Ability to translate compliance requirements into technical tasks for engineering teams
  • Exceptional documentation skills
  • Ability to drive consensus across teams without direct authority

Responsibilities

  • Oversee compliance aspects of vulnerability management, ensuring scan SLAs and audit-ready evidence
  • Manage adherence to internal privacy policies and external regulations (HIPAA, CCPA)
  • Coordinate DR/BCP exercises and maintain documentation
  • Serve as primary contact for SOC 2 and HITRUST audits, managing evidence and remediation
  • Conduct periodic privacy impact assessments for new products or features