Security and Compliance Manager

Job not on LinkedIn

November 22

Apply Now

Receive Emails with Similar Jobs

Opala

WebsiteLinkedInAll Job Openings

Healthcare Insurance • SaaS • API

Opala is a company that specializes in providing software solutions for the healthcare industry, focusing primarily on healthcare payers such as health plans and pharmacy benefit managers. The company aims to transform data into a competitive advantage by improving data quality and providing insights to enhance revenue growth, decrease expenses, and improve patient outcomes. Opala's solutions streamline workflows, enhance administrative efficiency, and identify care gaps. With a strong focus on data security and reliability, Opala offers scalable and automated solutions tailored for healthcare providers. Additionally, they provide APIs through their Developer Toolkit for seamless integration with third-party applications, helping healthcare organizations achieve better patient matching and real-time benefits tracking.

11 - 50 employees

⚕️ Healthcare Insurance

☁️ SaaS

🔌 API

📋 Description

• Own and maintain the company’s Information Security Management System (ISMS) • Lead annual and recurring compliance certifications (SOC 2, HIPAA, HITRUST) • Respond to customer security questionnaires and due diligence requests • Oversee vendor risk management, including contracts, reviews, and security posture assessments • Manage MSP performance (IT and SOC/MDR) and ensure evidence feeds align with audit requirements • Mentor and guide other Engineers and Stakeholders in evidence collection, reporting, and process maturity • Define, implement, and maintain security policies, standards, and procedures • Serve as the main point of contact for auditors, regulators, and external security partners • Report compliance and risk posture to leadership and the board

🎯 Requirements

• Bachelor’s degree in information security, risk management, or related field (or equivalent experience) • 6+ years of experience in security, compliance, or risk management roles, with 3+ years in a leadership capacity • Experience working with SOC 2, HIPAA, and HITRUST frameworks • Experience working in a Cloud-based SaaS Platform • Familiarity with healthcare data security and PHI handling • Experience with Drata's GRC and compliance automation platform • Strong organizational skills and ability to manage multiple audit and certification workstreams • Excellent written and verbal communication skills, with the ability to translate compliance requirements into clear actions for engineering and business teams • Hands-on experience modernizing segregation of duties in a highly regulated environment

🏖️ Benefits

• medical, dental, vision, life and AD&D insurance • EAP • short-term and long-term disability • 16 days PTO • 8 paid holidays • fully paid holiday closure • parental and family medical leave • 401k • stock options • annual bonuses and salary increases based on merit