Job Description
We are hiring an Information Security & Compliance Manager to own data security, IT security controls, and compliance end-to-end.
Key Responsibilities
Own SOC 2 (Type I & II) compliance end-to-end
Lead ISO 27001 ISMS and support HIPAA compliance
Implement and manage security controls (SSO, MFA, IAM, cloud security)
Own security policies, risk register, audits, and evidence
Respond to customer security questionnaires & vendor reviews
Act as the single point of contact for security & compliance
Must Have
6–10 years of experience in InfoSec / GRC / Compliance
Hands-on SOC 2 audit ownership (not support role)
Practical ISO 27001 experience
SaaS / product company background
Experience with Azure AD / IAM / cloud security
Nice to Have
HIPAA exposure
Compliance tools (Vanta / Drata / Secureframe)
Startup or scale-up experience
Apply for this Position
Ready to join Phox Health? Click the button below to submit your application.