What are the responsibilities and job description for the IT Security and Compliance Manager position at One to One Health?
About One to One Health
One to One Health is a rapidly growing healthcare company serving over 250,000 patients through innovative, relationship-driven care. We partner with employers to provide coordinated and patient-centered healthcare services, including primary care, occupational health, virtual care, wellness, and mental health. Guided by our mission to do good and help others, we are committed to leveraging cutting-edge technology to maintain compliance and safeguard sensitive data.
About the Role
We are seeking a proactive and detail-oriented IT Security and Compliance Manager to lead our enterprise compliance efforts across One to One Health's managed systems and IT vendor-managed systems. This role is pivotal in ensuring that our organization maintains robust security controls, adheres to regulatory requirements, and successfully navigates annual compliance audits. Using Drata compliance software as the primary tool, you will manage compliance frameworks, enforce controls, and collaborate across teams and vendors to ensure One to One Health meets the highest standards of IT security and compliance.
Responsibilities
Oversee and maintain enterprise compliance across internal systems and vendor-managed systems.
Manage and monitor security and compliance controls using Drata compliance software.
Coordinate annual compliance audits, ensuring documentation, evidence collection, and timely resolution of audit findings.
Develop, implement, and enforce IT security policies, standards, and procedures to ensure compliance with frameworks such as SOC 2 and HIPAA.
Collaborate with internal teams and vendors to identify and remediate compliance gaps or risks.
Conduct regular risk assessments and vulnerability analyses to ensure the effectiveness of controls.
Educate and train staff on compliance requirements and best practices for maintaining IT security.
Serve as the primary point of contact for compliance inquiries, audits, and incident investigations.
Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Proven experience in IT security, compliance management, or related roles.
Familiarity with Drata or similar compliance management tools.
Strong understanding of compliance frameworks such as SOC 2 and HIPAA.
Experience managing compliance audits, including evidence collection and control validation.
Excellent project management skills and the ability to work independently in a fast-paced environment.
Strong communication and interpersonal skills for collaboration across technical and non-technical teams.
Preferred Qualifications
Professional certifications such as CISSP, CISM, CISA, or equivalent.
Experience in healthcare IT compliance or managing sensitive healthcare data.
Knowledge of vendor risk management and third-party compliance.
Familiarity with cloud environments and security best practices.
What We Offer
A key role in shaping and maintaining the security and compliance posture of a rapidly growing organization.
Flexible work arrangements, including hybrid or remote options for the right candidate.
A collaborative and dynamic work environment where your contributions will have a direct impact.
Competitive compensation and opportunities for professional growth.
One to One Health is an equal opportunity employer and does not discriminate in hiring based on race, color, creed, religion, sex, sexual orientation, national origin, age, disability, pregnancy, genetic information, gender identity, or veteran status.