What are the responsibilities and job description for the Compliance Manager position at Pursuant Health?
At Pursuant Health, we are dedicated to providing effective health management tools that are free, easy, and accessible for everyone. Our innovative approach brings health screenings to one of the most frequented places in our communities: retail stores. With a network of over 4,600 health kiosks located in high-traffic retail pharmacies across the country, we empower individuals to check in on their health conveniently and regularly. Our kiosks are HIPAA-compliant and FDA-cleared Class II Medical Devices, offering free biometric screenings and clinically valid health assessments that help people understand their personal health risks and track their metrics over time.
We pride ourselves on our fast-paced, growth-oriented company culture. At Pursuant Health, every team member enjoys significant responsibility and autonomy, allowing you to make a real impact. If you thrive in a lean environment filled with exciting, cutting-edge solutions and are ready to roll up your sleeves, you’ll find a perfect fit with us!
Role Overview: As the Compliance Manager, you will be responsible for developing, implementing, and managing compliance programs to ensure the firm adheres to all federal, state, and local cybersecurity and privacy regulations, as well as internal policies.
Responsibilities:
- Assist in the development and execution of an annual risk assessment and compliance workplan.
- Stay updated on changes to applicable regulations and communicate relevant updates.
- Oversee and monitor activities and evidence of control compliance across the organization.
- Review and develop appropriate policies and procedures to support compliance with healthcare, privacy, and cybersecurity controls.
- Coordinate activities with third parties for audit engagements.
- Assess third party suppliers and partners for risks associated with cybersecurity, data privacy, and regulatory compliance.
- Respond to assessments and questionnaires from customers related to company cybersecurity and data privacy risks and controls.
- Serve as SME representing the company to customers and suppliers on issues relating to information security, privacy, and compliance.
Qualities:
- 5 years of experience working in a similar role in information security risk assessment, compliance and/or security
- Knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, HIPAA, and NIST CSF
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
- Strong task and project management skills with a proven track record of delivering projects on time and in budget
- Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or other similar credentials are a plus.
Benefits:
- Pay: $100k-110k a year based on experience
- Unlimited PTO
- Hybrid Office Environment
- Health Insurance
- Dental Insurance
- Vision Insurance
- 401k
- Possible Stock Options
Salary: $100,000 - $110,000