Security Manager designing and operationalizing SOC 2-compliant policies at MarketProminence. Overseeing audits and collaborating with various teams to ensure security compliance.
Responsibilities
Lead the company’s SOC 2 Type II and HIPAA compliance initiatives from planning through certification.
Develop, draft, and maintain security, IT, and privacy policies aligned with SOC 2, HIPAA, NIST, and other relevant standards.
Establish and maintain a security roadmap, including milestones, control gaps, remediation steps, and timelines.
Implement, configure, and administer the company’s GRC platform.
Map controls, evidence sources, workflows, and automated tests within the GRC tool.
Ensure continuous monitoring and automated evidence collection are accurate and functioning.
Serve as the primary liaison for external auditors, assessors, and compliance partners.
Prepare audit-ready documentation, evidence, and controls for SOC 2 Type II and HIPAA audits.
Train internal teams on new policies, procedures, and compliance requirements.
Collaborate with Engineering and DevOps to implement technical security controls (e.g., logging, access management, encryption, vulnerability management).
Maintain the MarketProminence risk register and ensure timely risk assessments.
Stay current with regulatory requirements and industry frameworks (e.g., SOC 2, HIPAA).
Requirements
3–7+ years of experience in security, compliance, IT risk, or a related field.
Direct experience with SOC 2 Type II and/or HIPAA compliance initiatives.
Strong familiarity with common GRC tools and compliance automation platforms.
Experience drafting policies, procedures, and technical security documentation.
Ability to manage audits, communicate with auditors, and gather required evidence.
Understanding of security best practices (access control, encryption, logging, vulnerability management, cloud security).
Excellent organizational, project management, and cross-functional communication skills.
Bachelor’s Degree or relevant certifications.
Benefits
Medical, vision, and dental plans for full-time employees
401(k) offered with a generous match
Benefits begin on first day of the month following employment