Security Compliance Program Manager
Listed on 2026-01-15
IT/Tech
Cybersecurity, Data Security
At H1, we believe access to the best healthcare information is a basic human right. Our mission is to provide a platform that can optimally inform every doctor interaction globally. This promotes health equity and builds needed trust in healthcare systems. To accomplish this, our teams harness the power of data and AI-technology to unlock groundbreaking medical insights and convert those insights into action that results in optimal patient outcomes and accelerates an equitable and inclusive drug development lifecycle.
Visit to learn more reviewing our platform.
WHAT YOU’LL DO AT H1
As a Compliance Program Manager you will own the day‑to‑day execution of H1’s compliance programmes across SOC 2, ISO 27001 and HITRUST. You’ll manage timelines, coordinate evidence collection, maintain audit‑ready artifacts in Thoropass and ensure audits and assessments run smoothly end‑to‑end. This is a hands‑on, operational role focused on execution, follow‑through and cross‑functional coordination.
You will:
- Own the compliance calendar, including timelines, milestones, check‑ins and recurring evidence collection across SOC 2, ISO 27001 and HITRUST.
- Drive audit readiness end‑to‑end by maintaining compliance roadmaps, dependencies and deliverables so work stays on track throughout the year.
- Operate Thoropass day‑to‑day by assigning evidence requests, sending reminders, maintaining clean artefacts, managing dashboards, and supporting basic workflows and access as needed.
- Coordinate audit activities by tracking auditor requests, managing deadlines and ensuring responses are complete, accurate and submitted on time.
- Partner cross‑functionally with IT, Engineering, Product, HR, Legal and Operations to assign ownership, align expectations, and drive follow‑through.
- Draft, update and maintain security and compliance policies and procedures that align required controls with real operational practices.
- Create new security and compliance policies as needed to support evolving business practices, audit requirements and control gaps, ensuring policies are practical, clear and aligned with how the company actually operates.
- Run compliance operations by managing policy review cycles, control narratives, version control and evidence consistency across frameworks.
- Track findings and remediations by logging gaps, assigning owners and due dates, and validating closure and remediation evidence.
You thrive in fast‑paced, resource‑constrained environments and take pride in making compliance “invisible” when things are working well. You are highly organised, detail‑oriented and persistent, with the ability to keep complex work streams moving forward without formal authority.
You are comfortable being both an operator and an enabler, owning the compliance system end‑to‑end, following up relentlessly to close gaps and creating structure where none exists. You enjoy turning ambiguous requirements into clear, practical processes and policies that teams can realistically follow.
This role is a strong fit if you have experience:
- Acting as a primary owner of compliance programmes, not supporting compliance as a side responsibility.
- Executing SOC 2, ISO 27001 and/or HITRUST programmes end‑to‑end in growing organisations.
- Creating, refining and maintaining security and compliance policies that reflect real operational practices.
- Managing compliance tooling (e.g. Thoropass, Drata, Vanta) and using it to drive accountability and visibility.
- Coordinating cross‑functionally, tracking dozens of parallel work items, and holding stakeholders accountable to timelines.
- 4+ years of experience in program management,…