SOC Compliance Program Manager
Job in New York City, Richmond County, New York, USA
Listed on 2026-02-02
Listing for: H1
Full Time position
Job specializations:
- IT/Tech
  Cybersecurity, Data Security, Information Security
Job Description & How to Apply Below
Visit to learn more about us.
H1's IT and Security team enables the business to scale responsibly by ensuring our systems, data, and processes meet the security, privacy, and compliance expectations of our customers, partners, and regulators. As a healthcare data company working with enterprise customers, maintaining strong compliance foundations is critical to trust, growth, and long-term success. This role plays a central part in keeping H1 audit-ready and ensuring compliance work is organized, predictable, and embedded into how we operate.
This is a hands-on security compliance operations role focused on executing SOC 2, ISO 27001, and HITRUST audits end-to-end. It is not a GRC, audit, or security engineering role.
WHAT YOU'LL DO AT H1
As a Security Compliance Program Manager, you will own the day-to-day execution of H1's compliance programs across SOC 2, ISO 27001, and HITRUST. You'll manage timelines, coordinate evidence collection, maintain clean and audit-ready artifacts in Thoropass, and ensure audits and assessments run smoothly end-to-end. This is a hands-on, operational role focused on execution, follow-through, and cross-functional coordination.
You will:
- Own the compliance calendar, including timelines, milestones, check-ins, and recurring evidence collection across SOC 2, ISO 27001, and HITRUST.
- Drive audit readiness end-to-end by maintaining compliance roadmaps, dependencies, and deliverables to ensure work stays on track throughout the year.
- Operate Thoropass day-to-day by assigning evidence requests, sending reminders, maintaining clean artifacts, managing dashboards, and supporting basic workflows and access as needed.
- Coordinate audit activities by tracking auditor requests, managing deadlines, and ensuring responses are complete, accurate, and submitted on time.
- Partner cross-functionally with IT, Engineering, Product, HR, Legal, and Operations to assign ownership, align expectations, and drive follow-through.
- Draft, update, and maintain security and compliance policies and procedures that align required controls with real operational practices.
- Create new security and compliance policies as needed to support evolving business practices, audit requirements, and control gaps, ensuring policies are practical, clear, and aligned with how the company actually operates.
- Run compliance operations by managing policy review cycles, control narratives, version control, and evidence consistency across frameworks.
- Track findings and remediation by logging gaps, assigning owners and due dates, and validating closure and remediation evidence.
ABOUT YOU
You thrive in fast-paced, resource-constrained environments and take pride in making compliance "invisible" when things are working well. You are highly organized, detail-oriented, and persistent, with the ability to keep complex work streams moving forward without formal authority.
You are comfortable being both an operator and an enabler, owning the compliance system end-to-end, following up relentlessly to close gaps, and creating structure where none exists. You enjoy turning ambiguous requirements into clear, practical processes and policies that teams can realistically follow.
This role is a strong fit if you have experience:
- Acting as a primary owner of compliance programs, not supporting compliance as a side responsibility
- Executing SOC 2, ISO 27001, and/or HITRUST programs end-to-end in growing organizations
- Creating, refining, and maintaining security and compliance policies that reflect real operational practices
- Managing compliance tooling (e.g., Thoropass, Drata, Vanta) and using it to drive…