Vālenz® Health

Compensation

Full Description

Description: • Lead and maintain SOC 2 and HITRUST compliance programs, ensuring evidence is current and aligned with control requirements • Utilize Vanta to automate evidence collection, track remediation tasks, and maintain real-time compliance visibility across systems • Act as the primary liaison with auditors and assessors during certification reviews • Oversee enterprise compliance with NIST, SOC 2, and HITRUST frameworks, ensuring consistent control implementation and documentation • Continuously improve audit readiness processes and coordinate internal control testing • Lead the information security risk assessment program, including periodic evaluation of internal systems, business processes, and third-party vendors • Manage and track client and third-party security risk assessment requests; coordinate internal teams to ensure accurate and timely responses • Log all requests in a centralized system with requester details, completion date, and response metrics • Support the development and tracking of mitigation plans for identified vulnerabilities or compliance gaps • Design, implement, and oversee the Business Continuity and Disaster Recovery (BC/DR) program • Conduct tabletop exercises and live failover tests with IT and business leaders to validate operational resilience • Ensure recovery documentation and communication protocols align with corporate and regulatory requirements • Partner with IT Service Operations and third-party providers to manage security and privacy awareness programs • Measure training effectiveness and engagement metrics; drive continuous improvement • Promote a security-first culture across all business units • Mentor Security Assurance Analysts, providing guidance on audit preparation, control validation, and risk mitigation activities • Review and advise on security design for IT projects to ensure alignment with established policies and standards • Foster collaboration between IT, Legal, Compliance, and business teams to maintain enterprise-wide alignment on security priorities • Perform additional Security Assurance duties as assigned by leadership. Requirements: • 5+ years of experience in information security, compliance, or risk management • Bachelor’s degree in information security, computer science, or related field • Proven experience leading SOC 2, HITRUST, or NIST compliance programs • Ability to work in a fast-paced, detailed, deadline-driven environment • Experience working independently with strong time management and organizational skills • Strong aptitude for relationship building with a highly effective communication style Benefits: • Competitive benefits package with generous employer subsidies • Flexible and remote working options • 401k with generous employer match and immediate vesting • Personal and professional development opportunities • Supportive family benefits, including paid leave for new family members • Companywide philanthropic program, Valenz Communities Connection