Security Compliance Manager - Remote

Remote / G&A – Security Compliance / Full time
About the role:
Welkin is looking for an experienced security compliance manager to drive and own SOC2/HITRUST/HIPAA and other security initiatives. The ideal candidate is an intuitive self-starter with a passion for problem-solving and building robust processes. This position requires a track record of successfully preparing and managing SOC2/HITRUST/HIPAA programs in a SaaS / cloud technology environment. 
In this role, the candidate will provide timely reports to management and ensure that standards, policies, and procedures are followed to protect and grow Welkin’s business and operations. The candidate will work cross-functionally with all departments including engineering, people operations, finance, marketing, product, and customer success.

Responsibilities and what you’ll be doing:

    • Manage all aspects of Welkin’s SOC2/HITRUST/HIPAA program, including risk assessment, risk management, risk mitigation, monitoring/auditing, policy administration, addressing violations, and performing corrective actions
    • Collaborate with our third-party auditors and security compliance vendors
    • Be the first point of contact internally and externally for all security compliance questions
    • Monitor and manage business and technology activities that impact and involve SOC2/HITRUST/HIPAA applicable rules and regulations
    • Conduct periodic internal reviews or audits to ensure that SOC2/HITRUST/HIPAA procedures are followed 
    • Track relevant laws and regulations and update operating manuals, policies and procedures documents when regulations change
    • Gather expertise and knowledge from our security compliance partners and advisors and share essential knowledge internally to inform technology and vendor choices
    • Support the people operations and engineering teams with onboarding and offboarding employees

Requirements and what you need to be successful:

    • Min. 3 years of related security compliance experience in performing healthcare security compliance tasks 
    • Min. 3 years of related experience in a SaaS and cloud technology environment
    • Required SOC2 audit experience and knowledge of HIPAA regulations and laws
    • Required working knowledge of Jira and ideally JAMF
    • Preferred knowledge of EMR/EHR systems and HITRUST certification process
    • Excellent written and oral communication skills
    • Establish cross-functional relationships within the organization
    • Previous experience working in a start-up environment without an extensive support system
    • Optimistic about the potential of changing our healthcare system


    • Comprehensive medical, dental and vision coverage
    • Option to contribute to your retirement via a 401k
    • Take the time off that you need to relax and have fun with Welkin’s flexible PTO policy. Employees tend to take anywhere from 2 weeks to 5 weeks of vacation, with an average of 3 weeks
    • Welkin Health is a fully remote company and provides you with a monthly benefit allowance of $200 to improve your working from home environment and wellness (e.g. gym membership)
    • You can contribute pre-tax dollars to medical, dental, vision and dependent care expenses through FSA/DCFSA
    • Generous parental leave policy for all parents, no matter gender identity or birth manner

About Welkin:
Welkin is patient management software that guides your team to better care. We configure your patient program into workflows that tell health workers when to do what, ensuring patients get care exactly when they need it.

Designed specifically for relationships between health care professionals and patients, our software makes engagement seamless and patient-centered, enabling health workers to build strong relationships for long-term healthy outcomes.

Our mission is to empower health organizations to deliver patient-centered care.

We want you to know:
You can be a great candidate even if you don't fit everything we've described above. You can also have important skills we haven't thought of. If that's you, don't hesitate to apply and tell us about yourself.

We are committed to diversity and building an equitable and inclusive environment for people of all backgrounds and experiences, and we're taking steps to meet that commitment. We especially encourage members of traditionally underrepresented communities to apply, including women, people of color, LGBTQ people, veterans, and people with disabilities.