Senior Manager, Infosec, IT & Compliance

Job not on LinkedIn

🔥 0 minutes ago

🇨🇦 Canada – Remote

💵 $165k - $180k / year

⏰ Full Time

🟠 Senior

💻 IT Support

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Practice EHR

Practice EHR

51 - 200 employees

Founded 2014

⚕️ Healthcare Insurance

☁️ SaaS

🤖 Artificial Intelligence

Healthcare Insurance • SaaS • Artificial Intelligence

Practice EHR is a comprehensive electronic health record (EHR) software solution designed specifically for medical professionals. It offers an array of features that streamline practice management, including scheduling, e-prescribing, billing, and reporting. With a user-friendly interface and cloud-based accessibility, Practice EHR allows healthcare providers to focus more on patient care and less on administrative tasks, making it suitable for practices of any specialty and size.

📋 Description

• Manage multi-jurisdictional compliance execution - Support implementation of HIPAA/HITECH, GDPR/UK GDPR, PIPEDA, Quebec Law 25, PHIPA, and emerging privacy laws and coordinate with legal counsel on complex regulatory matters. • Drive vendor risk management and BAA/DPA lifecycle - Negotiate and finalize Business Associate Agreements and Data Processing Agreements with subprocessors, ensuring breach notification timelines meet calendar-day standards, data deletion commitments are defined, and subprocessor transparency obligations are satisfied. • Mature security posture and operational resilience - Partner with Engineering to implement security controls that support SOC 2 Type II and ISO 27001 readiness, lead incident response planning and breach notification workflows, and establish monitoring/alerting. • Embed privacy-by-design across product and engineering - Collaborate with Product and Engineering leadership to assess PHI exposure in new features, define data minimization strategies, and guide architecture decisions that reduce compliance risk. • Lead IT operations and service delivery - Own user onboarding / offboarding workflows, device provisioning and management, and IT service delivery for a remote-first team, partnering with HR on seamless employee lifecycle management. • Drive Identity & Access Management (IAM) strategy - Own identity provider configuration and access control policies, implementing least-privilege access principles, periodic access reviews, and role-based access control (RBAC) frameworks. • Manage endpoint security and device management - Define and enforce endpoint security standards (MDM, disk encryption, antivirus, patching). Establish laptop procurement standards and remote device management policies. Coordinate with Engineering on developer tooling and access requirements. • Own SaaS vendor rationalization and procurement hygiene - Conduct regular vendor intelligence audits to identify tool overlaps, license waste and procurement gaps. Partner with Finance on SaaS spend optimization. • Strengthen the InfoSec, IT & Compliance function - Develop and refine processes, tooling, and documentation to support organizational growth. Manage and mentor the IT Operations team. Partner with third-party compliance advisors to accelerate maturity. • Act as the bridge between Legal, Engineering, IT, and the business — Translate complex legal language into actionable engineering requirements. Partner with Customer Success on practitioner-facing compliance communications. Coordinate cross-functional responses to regulatory inquiries, audits, and customer due diligence requests.

🎯 Requirements

• 6+ years of relevant experience in information security, IT operations, privacy, and compliance roles, with at least 2+ years in healthcare SaaS or regulated industry • Deep expertise in HIPAA/HITECH compliance, including Business Associate obligations, breach notification requirements, and Covered Entity vs. Business Associate determination frameworks • Strong working knowledge of GDPR/UK GDPR and cross-border data transfer mechanisms • Proven ability to negotiate and finalize vendor BAAs and DPAs, with a strong understanding of must-have vs. nice-to-have contractual terms • Experience implementing security frameworks (SOC 2, ISO 27001, or equivalent) and managing third-party audits or certifications • Hands-on experience leading IT operations for remote-first organizations, including identity & access management, device provisioning, and SaaS vendor management • Prior experience building or scaling InfoSec, IT, and compliance functions from scratch in high-growth SaaS companies • Technical grounding in SaaS architecture, APIs, data flows, infrastructure (cloud environments like AWS), and identity providers (Google Workspace, Okta, Microsoft 365) • Exceptional communication skills - you can translate legal jargon into plain language for practitioners, write concise vendor negotiation emails, and present compliance strategies to executive leadership with clarity and confidence • Bias for action and pragmatic risk management - you know when to escalate to legal counsel and when to make judgment calls independently • Comfortable operating in a fast-moving, high-growth environment where priorities shift and ambiguity is the norm.

🏖️ Benefits

• Comprehensive health and dental benefits from day 1 • RRSP matching • Generous paid parental leave • Annual learning stipends • Unlimited vacation • $750 annual Health & Wellness Allowance • $1,000 annual Learning & Development Allowance to support your growth • $500 annual Home Office Allowance to set up a productive remote workspace • Personalized support for family-building and fertility journeys • Confidential, digital mental health support from licensed professionals • Company-wide holiday closure in December • Regular virtual company-wide events, lunches, and team socials to stay connected

Apply Now

Similar Jobs

🕒 3 days ago

Best Buy Canada

10,000+ employees

🛒 Retail

🛍️ eCommerce

Enterprise Architect at Best Buy overseeing reverse logistics and technical strategy. Driving improvements in supply chain operations and technology integration across various functions.

🇨🇦 Canada – Remote

💵 $140k - $145k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

💻 IT Support

🕒 4 days ago

BPM LLP

501 - 1000

💸 Finance

☁️ SaaS

Assurance Manager providing strategic oversight of audit quality management for clients at BPM. Shaping long-term quality strategy and guiding leadership development in assurance practice.

🇨🇦 Canada – Remote

💵 $130k - $160k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

💻 IT Support

🕒 4 days ago

Acosta

10,000+ employees

🤝 B2B

🛍️ eCommerce

🛒 Retail

IT Project Manager II managing delivery of technology initiatives across Brand Advocacy Solutions. Ensuring alignment across teams and successful delivery of solutions that support business operations and efficiency.

🇨🇦 Canada – Remote

💵 $75k - $95k / year

💰 Venture Round on 2003-01

⏰ Full Time

🟡 Mid-level

🟠 Senior

💻 IT Support

🕒 June 25

Exposant 3 - Recrutement Et Accompagnement De Consultants

11 - 50

🤖 Artificial Intelligence

🔒 Cybersecurity

☁️ SaaS

IT Technician involved in programming and implementation using Oracle ERP tools for Quebec's government projects. Collaborating with teams to ensure service continuity and adherence to best practices.

🗣️🇫🇷 French Required

🕒 June 17

RemoteWoman

1 - 10

👥 B2C

🛍️ eCommerce

🎯 Recruiter

Senior Risk & Audit Specialist overseeing audits and compliance for a cloud application platform. Collaborating cross-functionally, ensuring security posture across global operations.