Job Description :
Position Title : Senior Manager Compliance & Information Security
Domain : Healthcare / RCM
Department : Compliance & Information Security
Location : Hyderabad (Hybrid)
Work Schedule : 9 hours / day, 2-3 days a week (Flexible shift timing between 10:00 AM to 12:00 AM IST). Must be open to work in US / UK shifts as required.
Job Summary :
The Senior Manager Compliance & Information Security will play a critical role in the core compliance team and be responsible for managing, implementing, and maintaining various regulatory and compliance certifications for the organization, including but not limited to :
ISO 9001, ISO 27001, HIPAA, SOC 2, PCI DSS, HITRUST, VAPT, Cybersecurity Assessments, Dark Web & Attack Surface Monitoring, and Third-Party Vendor Management.
Roles and Responsibilities :
- Serve as a point of contact for all compliance and information security matters internally and externally.
- Participate in internal and external audits for ISO, HIPAA, SOC 2, PCI DSS, HITRUST, and other security frameworks.
- Develop, review, and maintain company policies, SOPs, and compliance training programs.
- Ensure timely implementation of corrective actions for all compliance observations.
- Promote awareness and enforce compliance across departments.
- Prepare and submit detailed reports to CISO / Management on compliance status.
- Perform internal audits to proactively identify and mitigate security and compliance risks.
- Conduct third-party vendor audits and manage associated documentation.
- Handle tools and processes related to Dark Web and Attack Surface Monitoring.
- Coordinate and respond to client security questionnaires and RFPs.
- Drive phishing simulation campaigns and monitor outcomes.
- Disseminate awareness mailers and compliance-related communications to employees.
(ref : hirist.tech)