Security Governance Program Manager

Position Overview

• Location Type: Remote
• Employment Type: Full-time
• Salary: $110,000 - $140,000 (Base salary range) + Annual Bonus

Imagine Pediatrics is an innovative, tech-enabled, pediatrician-led medical group that helps children with special health care needs get the quality 24/7 care and support they deserve, right from home. We are committed to reimagining pediatric health care together, improving the health and lives of children with special health care needs by breaking down barriers and providing access to virtual-first and in-home medical, behavioral, and social care. We partner with parents, caregivers, providers, community resources, and health plans to deliver unwavering, 24/7 support.

Responsibilities

• Serve as a key subject matter expert (SME) for governance, risk, and compliance within Imagine Pediatrics' information security team.
• Support the implementation and ongoing program management for HITRUST r2 certification.
• Maintain Imagine Pediatrics' security policies, standards, and procedures.
• Lead and enhance the third-party/vendor risk management program.
• Administer the security GRC toolset, including the enterprise risk register.
• Coordinate and drive internal security risk assessments and auditing activities.
• Collaborate with business and clinical teams to ensure effective ePHI management.
• Respond to third-party security and privacy diligence requests.
• Work with external auditors and partners on security certifications and attestations.

Requirements

• BS degree in computing, information security, or a related field. MS degree preferred.
• 5+ years of information security GRC or audit experience accepted in lieu of a degree.
• Strong experience implementing and maintaining a HITRUST r2 program.
• Working knowledge of healthcare industry security and privacy regulations (HIPAA, HITECH).
• Experience with SOC 2, ISO 27001 and NIST security frameworks.
• Industry certifications preferred, such as CRISC, CISA, CISM, or ISO 27001 Lead Auditor.
• Prior experience supporting security in healthcare companies.
• Experience with compliance automation tools like Hyperproof, Drata or Vanta is a plus.

What We Offer (Benefits + Perks)

• Base salary range of $110,000 - $140,000
• Annual bonus
• Competitive company benefits package
• Eligibility to participate in an employee equity purchase program (as applicable)