Jobs · Information Technology · New Hampshire

Security and Compliance Manager

TALON · Portsmouth, NH · 1 mo ago
On-siteInformation TechnologyFull-time

Key Responsibilities

  • Lead TALON’s information security program
  • Maintain and improve the organization’s security controls, processes, and policies
  • Manage security incident response planning and procedures
  • Oversee vulnerability management and security monitoring
  • Conduct periodic security risk assessments
  • Partner with engineering to support secure development and infrastructure practices
  • Own and maintain TALON’s SOC 2 compliance program
  • Coordinate with external auditors during annual SOC 2 assessments
  • Maintain and update security policies, procedures, and internal controls
  • Support vendor risk management and third-party security reviews
  • Respond to client security questionnaires and due diligence requests
  • Oversee and maintain TALON’s internal IT security environment
  • Manage identity and access management processes
  • Perform regular access reviews and privilege management
  • Maintain secure employee onboarding and offboarding procedures
  • Oversee endpoint security and device management
  • Manage and maintain internal network security infrastructure
  • Ensure appropriate logging, monitoring, and system security controls are in place
  • Oversee AML & Financial Risk Oversight
  • Oversee TALON’s anti-money laundering (AML) and financial risk oversight related to the company’s healthcare rewards program
  • Maintain AML policies and escalation procedures
  • Coordinate with financial institutions and vendors responsible for payment processing
  • Support sanctions screening and fraud risk monitoring processes
  • Security Awareness & Training
  • Maintain TALON’s security awareness and training program
  • Education employees on security best practices and compliance requirements
  • Promote a culture of security awareness across the organization

Qualifications

  • 5+ years of experience in information security, compliance, or governance roles
  • Experience managing SOC 2 compliance programs
  • Familiarity with HIPAA security and privacy requirements
  • Experience working in technology, SaaS, or healthcare technology environments
  • Understanding of security frameworks such as SOC 2, NIST, or ISO 27001
  • Experience working with engineering teams on security controls
  • Preferred: Experience serving as a security or compliance lead in a growing technology company
  • Preferred: Familiarity with cloud infrastructure security (AWS preferred)
  • Preferred: Experience supporting healthcare data environments
  • Preferred: Experience with vendor risk management programs
  • Preferred: Experience supporting security audits and regulatory reviews

Similar jobs