Information Security Compliance Manager at MED-1 Solutions, LLC
Greenwood, Indiana, United States
Full Time


Start Date

Immediate

Expiry Date

18 May, 26

Salary

$150,000

Posted On

17 Feb, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

PCI DSS Compliance, SOC 2 Compliance, FISMA Compliance, HIPAA Compliance, NIST 800-53, Audit Management, Risk Assessment, Policy Development, Vendor Risk Management, Vulnerability Scanning, Security Awareness Training, Project Management, AWS Knowledge, Serverless Architecture, Technical Control Implementation, Gap Analysis

Industry

Hospitals and Health Care

Description
The Information Security Compliance Manager is responsible for developing, implementing, and maintaining an enterprise-wide compliance program for PCI DSS, SOC 2 Type II, FISMA, and other compliance expectations as needed. This role bridges technical security controls with regulatory requirements, ensuring that the systems and processes protecting cardholder data, customer data, patient data and federal information are secure and auditable.

Key Responsibilities of the Position

Strategic Compliance & Governance
- Own and lead the overall compliance roadmap for PCI DSS, SOC 2, HIPAA, and FISMA.
- Develop, update, and implement comprehensive information security policies, standards, and procedures.
- Translate complex regulatory requirements (NIST SP 800-53 for FISMA; the PCI DSS requirements published by the PCI Security Standards Council) into actionable technical and operational controls.
- Provide regular compliance status reports, risk dashboards, and metrics to senior management and stakeholders.

Audit Management & Assessment
- Act as the primary point of contact for external auditors (QSAs, CPA firms) during PCI DSS assessments, SOC 2 examinations, and federal assessments.
- Facilitate end-to-end audits, including scoping, walkthroughs, documentation gathering, and remediation tracking.
- Perform internal gap analyses to identify weaknesses in security controls and initiate corrective and preventive action plans (CAPAs).

Operational Risk & Monitoring
- Monitor daily adherence to security policies (e.g., firewall configuration, access controls, log management).
- Oversee third-party vendor risk management to ensure vendors handling in-scope data remain compliant.
- Coordinate penetration testing and vulnerability scanning, including external scans by a PCI Approved Scanning Vendor (ASV scans), to identify compliance gaps.

Training & Awareness
- Assist in the development and management of training programs so that employees understand PCI DSS, SOC 2, FISMA, HIPAA, and other requirements.
- Foster a culture of security awareness, ensuring that compliance by design is integrated into development and IT operations.
Requirements of the Position

Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Experience: 5+ years of experience in IT compliance, information security, or auditing, including specific experience managing PCI DSS and SOC 2/FISMA programs.
Certifications (highly desirable): CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), PCIP (PCI Professional), or ISA (PCI Internal Security Assessor).
Technical Knowledge: Deep understanding of NIST SP 800-53, PCI DSS, and the SOC 2 Trust Services Criteria (Security, Confidentiality, Availability). Knowledge of AWS and serverless architecture is helpful.
Preferred Skills: Exceptional analytical, organizational, and project management skills, with the ability to articulate technical security concepts to non-technical stakeholders.

Top Challenges
- Complexity: Balancing the distinct, sometimes conflicting, requirements of several separate frameworks.
- Dynamic Threats: Keeping up with evolving cyber threats and updating controls to meet new, stricter standards.
- Cross-Functional Collaboration: Coordinating with IT, engineering, legal, and HR to ensure adherence across all departments.

What RevOne Offers
- Salary range of $100,000 to $150,000 per year, based on experience and qualifications
- Competitive benefits package (details provided during the interview process)
- Paid time off and holidays
- Professional growth opportunities within RevOne Companies
- Collaborative, team-oriented, in-office work environment

If you are a motivated and organized professional with a passion for compliance, we would love to hear from you! Apply today to join our team as Information Security Compliance Manager!

Location: Greenwood, IN
Work Arrangement: In-Office (required)
Salary: $100,000 to $150,000 per year, commensurate with experience
Employment Type: Full-Time
Responsibilities
The Information Security Compliance Manager will own and lead the enterprise-wide compliance roadmap for frameworks like PCI, SOC 2, HIPAA, and FISMA, translating complex regulatory requirements into actionable security controls. This role also involves acting as the primary contact for external auditors, facilitating end-to-end audits, and tracking corrective action plans.