Apply on Employer Site

H1 · 8 hours ago

Security Compliance Program Manager

New York, United States

Full-time

Hybrid

Mid Level

$90K/yr - $115K/yr

4+ years exp

H1 is a healthcare data company focused on improving healthcare access and equity. The Security Compliance Program Manager will oversee compliance programs, manage audit readiness, and ensure that compliance processes are embedded into operational practices.

BiotechnologyHealth CareLife ScienceMedicalTherapeutics

Comp. & Benefits

Responsibilities

Own the compliance calendar, including timelines, milestones, check-ins, and recurring evidence collection across SOC 2, ISO 27001, and HITRUST

Drive audit readiness end-to-end by maintaining compliance roadmaps, dependencies, and deliverables to ensure work stays on track throughout the year

Operate Thoropass day-to-day by assigning evidence requests, sending reminders, maintaining clean artifacts, managing dashboards, and supporting basic workflows and access as needed

Coordinate audit activities by tracking auditor requests, managing deadlines, and ensuring responses are complete, accurate, and submitted on time

Partner cross-functionally with IT, Engineering, Product, HR, Legal, and Operations to assign ownership, align expectations, and drive follow-through

Draft, update, and maintain security and compliance policies and procedures that align required controls with real operational practices

Create new security and compliance policies as needed to support evolving business practices, audit requirements, and control gaps, ensuring policies are practical, clear, and aligned with how the company actually operates

Run compliance operations by managing policy review cycles, control narratives, version control, and evidence consistency across frameworks

Track findings and remediation by logging gaps, assigning owners and due dates, and validating closure and remediation evidence

Qualification

SOC 2ISO 27001HITRUSTCompliance toolsProgram managementPolicy draftingAttention to detailCross-functional coordination

Required

4+ years of experience in program management, compliance coordination, security operations, or a similar cross-functional role

Strong familiarity with SOC 2

Solid project and program management fundamentals, including task tracking, dependency management, and stakeholder follow-up

Excellent documentation skills and attention to detail (naming conventions, versioning, evidence quality)

Experience drafting and maintaining policies and procedures aligned to operational reality

Experience using compliance tools such as Thoropass, Drata, or Vanta

Preferred

Hands-on experience with ISO 27001 and/or HITRUST

Experience using compliance tools such as Thoropass, Drata, or Vanta (Thoropass preferred)

Benefits

Full suite of health insurance options, in addition to generous paid time off

Pre-planned company-wide wellness holidays

Retirement options

Health & charitable donation stipends

Impactful Business Resource Groups

Flexible work hours & the opportunity to work from anywhere

Company

H1

Glassdoor3.8

At H1, our mission is nothing short of creating a healthier future worldwide by unlocking and democratizing global access to critical expertise, HCP information, claims data, ground-breaking research and discoveries, and connected insights for all – doctors, researchers, industry and, ultimately, patients – bringing everyone closer together to advance medicine and clinical outcomes.

Founded in 2017

New York, New York, USA

201-500 employees