Manager - IT Security Compliance
Listed on 2026-03-07 - IT/Tech
Cybersecurity, Information Security, IT Project Manager, IT Consultant
Manager - IT Security Compliance | Full Time
The IT Security Compliance Manager is responsible for overseeing the cybersecurity compliance program across the health system. This position ensures alignment with healthcare regulatory requirements, national security frameworks, and federal interoperability initiatives - including HIPAA, HITECH, CMS Promoting Interoperability, and TEFCA. This role leads enterprise-wide readiness for security compliance audits, manages regulatory attestations, and partners closely with the Cybersecurity GRC team, Privacy, Legal, and IT Operations to maintain a trusted and compliant security posture.
The IT Security Compliance Manager provides governance and oversight but does not directly manage or operate technical/security controls. The IT Security Compliance Manager is responsible for establishing and maintaining an enterprise-wide IT Compliance program. The position is responsible for identifying, directing, coordinating, evaluating, and reporting on security compliance management key performance indicators. The position is also responsible for project prioritization, strategic planning, execution, policies, procedures, and guiding practices.
REPORTING/RELATIONSHIPS:
The IT Security Compliance Manager reports to the Director, Cybersecurity GRC within the Information Privacy & Security Office. In addition, this position will work in a collaborative effort with IT and business unit leadership to ensure alignment with policies, processes, applicable laws, and regulations.
MANAGEMENT:
Provides leadership, vision, managerial oversight, development, implementation, and execution of Henry Ford Health security compliance management planning. Maintains policies and processes that enable Henry Ford Health to establish consistent, efficient, and appropriate oversight of services. Sets performance expectations for direct reports and provides constructive performance feedback on a regular basis.
Fosters a culture of customer service, disciplined business conduct, and healthy communication. Ensures each team member understands their role, assigned responsibilities, and is accountable for their performance. Allocates resources so timelines, commitments, and service levels from the team are met.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
- Oversee compliance with applicable healthcare cybersecurity regulations and frameworks including HIPAA Security Rule, HITECH, CMS Promoting Interoperability, and TEFCA.
- Maintain awareness of evolving regulatory and accreditation requirements; interpret their impact on the organization’s cybersecurity posture.
- Partner with the GRC Controls Manager to ensure security controls align with regulatory intent and audit readiness needs.
- Serve as the central point of contact for compliance-related audits, assessments, and documentation requests.
- Lead preparation and coordination for external and internal audits (HIPAA, HITRUST, PCI, TEFCA, CMS, OCR, GDPR, and others).
- Oversee the organization’s annual HIPAA Security Rule and CMS Promoting Interoperability attestations.
- Provide compliance metrics, dashboards, and reporting to leadership.
- Track compliance findings through remediation and validate closure with responsible stakeholders.
- Serve as compliance liaison for TEFCA participation, ensuring alignment with Common Agreement and QHIN framework security and privacy obligations.
- Maintain documentation and evidence demonstrating adherence to TEFCA’s security, privacy, and breach response requirements.
- Collaborate with Legal, Privacy, and Interoperability teams to maintain readiness for CMS-aligned network security certifications and attestations.
- Review and maintain cybersecurity-related policies and standards to ensure consistency with regulatory requirements.
- Provide compliance guidance for new technology initiatives, system integrations, and data exchange projects.
- Serve as a subject matter expert to business and IT leadership on cybersecurity compliance, audit readiness, and TEFCA/CMS interoperability obligations.
- Promote organizational awareness of regulatory responsibilities and audit readiness expectations.
- Conduct performance reviews for team members and provides…