Senior Manager, Infosec, IT & Compliance
New
P
Practice BetterHealthcare SaaS
This particular role is currently open to Canadian-based candidates onlyFull-TimeManager
Salary165,000 - 180,000 CAD per year
Apply NowOpens the employer's application page
Job Details
- Experience
- 6+ years of relevant experience in information security, IT operations, privacy, and compliance roles, with at least 2+ years in healthcare SaaS or regulated industry
- Required Skills
- AWSGoogle WorkspaceHIPAA
Requirements
- 6+ years of experience in information security, IT operations, privacy, and compliance.
- 2+ years of experience in healthcare SaaS or a regulated industry.
- Deep expertise in HIPAA/HITECH compliance, including Business Associate obligations.
- Strong working knowledge of GDPR/UK GDPR and cross-border data transfer mechanisms.
- Proven experience negotiating and finalizing vendor BAAs and DPAs.
- Experience implementing security frameworks such as SOC 2 or ISO 27001.
- Hands-on experience managing IT operations in a remote-first organization.
- Technical grounding in cloud environments (AWS), APIs, and identity providers (Okta, Google Workspace, Microsoft 365).
- Experience building or scaling InfoSec, IT, and compliance functions.
- Excellent communication skills for translating legal requirements into engineering workflows.
Responsibilities
- Manage multi-jurisdictional compliance execution involving HIPAA, GDPR, PIPEDA, and PHIPA.
- Drive vendor risk management and BAA/DPA lifecycle negotiations.
- Partner with Engineering to implement security controls for SOC 2 Type II and ISO 27001 readiness.
- Embed privacy-by-design principles into product and engineering roadmaps.
- Lead IT operations, including user onboarding/offboarding and device management.
- Own Identity & Access Management (IAM) strategy and role-based access control (RBAC).
- Conduct SaaS vendor rationalization and procurement audits.
View Full Description & ApplyYou'll be redirected to the employer's site