Security and Compliance Engineer

Salt Lake City, Utah
Security – InfoSec /
Full-Time /
Remote
We are seeking a dedicated Security and Compliance Engineer to join our team. You will be responsible for assessing our security compliance requirements, developing a comprehensive compliance roadmap, and maintaining all security documentation and policies. You will also manage risk assessments, respond to customer security concerns, and handle inquiries related to RFPs. Additionally, you will oversee our annual compliance efforts for SOC2, maintain our roadmap for HITRUST certification, and manage relationships with security-related vendors and auditors. 

How you will make an impact

    • Assess and develop the company’s security compliance requirements and roadmap. 
    • Maintain and update security documentation and policies regularly. 
    • Conduct risk assessments and communicate findings effectively. 
    • Respond to customer security questions, concerns, and requests for proposals (RFPs). 
    • Ensure annual compliance with SOC2 standards and maintain a roadmap for achieving HITRUST certification. 
    • Manage relationships with vendors and auditors related to SOC2 and other security audits. 
    • Recommend security software, policy frameworks, and best practices to enhance the company’s security posture. 
    • Collaborate with cross-functional teams to implement security pipelines and ensure security best practices are followed across all infrastructures. 

What we are looking for

    • Minimum of 2 years of experience in security and/or compliance roles. 
    • Strong experience with security and compliance in AWS environments. 
    • Proven track record in implementing security pipelines. 
    • Hands-on experience with security engineering and compliance, particularly within the SOC2 and/or HITRUST frameworks. 
    • Experience with FedRAMP is preferred. 
    • Deep understanding of security best practices and the ability to implement them across complex infrastructures. 
    • Experience in the healthcare or medical industry is highly desirable.