Overview
Information Security Compliance Manager Jobs in United States at HYGIA
Title: Information Security Compliance Manager
Company: HYGIA
Location: United States
Company Description Healthcare was built around institutions. Patients are often left to navigate a fragmented system of providers, health plans, pharmacies, caregivers, and healthcare organizations. Hygia is helping rewire healthcare around the patient. The company is building Healthcare Relationship Infrastructure, a new category of technology designed to help healthcare organizations create trusted, ongoing relationships with the people they serve. Hygia's AI-powered digital human platform enables continuous engagement between patients and the healthcare system, helping individuals manage chronic conditions, improve medication adherence, close gaps in care, and better navigate their healthcare journey. By transforming disconnected encounters into ongoing relationships, Hygia helps providers, payers, pharmacies, and care teams improve participation, enhance patient experience, support better outcomes, and extend the reach of care management programs without proportionately increasing headcount. As healthcare continues to evolve toward value-based and patient-centered models, trusted relationships are becoming a strategic asset. Healthcare is wired around institutions. Hygia is helping rewire it around the patient.
Role Description The Information Security Compliance Manager will be responsible for overseeing and maintaining the company’s information security and regulatory compliance programs, including ISO 27001, HIPAA, SOC 2, ISO 42001, and HITRUST. This role will manage all administrative aspects of compliance certifications, coordinate with internal teams, and ensure ongoing compliance with applicable standards and regulations.
Key Responsibilities
- Manage the end-to-end process for the company’s compliance certifications (e.g., ISO 27001, HIPAA, SOC 2, ISO 42001, HITRUST).
- Serve as the primary point of contact for external auditors, assessors, and regulatory bodies.
- Oversee the collection and maintenance of documentation required for audits and ongoing compliance.
- Develop, update, and implement compliance policies, procedures, and controls in collaboration with relevant teams.
- Monitor changes to applicable regulations and standards, and ensure the company’s policies and practices are kept up to date.
- Lead internal compliance awareness training and coordinate with stakeholders across the business to drive compliance initiatives.
- Track and report on compliance status and risk exposures, communicating findings to leadership.
- Manage the remediation of compliance gaps and findings, following up with responsible parties as needed.
- Support incident response and risk management efforts as they relate to compliance.
- Coordinate periodic internal audits or readiness reviews to prepare for external audits/assessments.
Preferred Qualifications:
- Demonstrated experience managing compliance audits and certifications (ISO, SOC 2, HIPAA, etc.).
- Strong understanding of information security standards and regulatory requirements.
- Excellent organizational and project management skills.
- Strong written and verbal communication abilities.
- Security/Compliance certifications (e.g., CISA, CISM, CISSP, HCISPP, or similar) are a plus.
- Working knowledge of public cloud platforms such as AWS and SaaS technologies
- Prior experience working in a start-up or small healthcare technology company