IT Security Compliance Assurance Manager (CAM)

Summary

The Information Security Compliance Assurance Manager is a highly qualified Cyber security audit and compliance professional with advanced level of experience in the industry dealing with audits, audit planning, audit project management.

This requires the ability to interact and influence at an executive level within client organizations such as Information Governance and IT Security leaders. You will be able to demonstrate industry expertise and understanding of the security governance, compliance, and audit related to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the National Institute of Standards and Technology (NIST) 800-53 frameworks. The IT Security Compliance Assurance Manager (CAM) will responsible to ensure Gainwell, its clients and partners are in compliance with the afore mentioned as well as any state and federal requirements/regulations.

Your role in our mission

• Document and address organization's information security audit and compliance requirements and standards.
• Develops, maintains, and communicates the organization’s information security policy and procedures
• Directs and oversees the assessment, selection, implementation, and maintenance of information security tools and technologies
• Evaluate new or updated industry regulations to ensure continued compliance
• Enforces information security controls and investigates/responds to information security incidents
• Participates in business continuity planning (BCP) activities when required by regulation or senior leadership
• Prepares reports, business cases, and presentations on security risk, controls, the status of compliance efforts, etc.
• Acts as liaison between IT and other functions (e.g., legal) regarding information compliance and/or audits
• Assist ISL in the collaboration on SSP's

• Assist ISL in the determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
• Anything other duties assigned for the purposes to benefit the organization, company and client

What we're looking for

• At least 5 years’ experience working in industry as a Security Compliance Auditor
• CISA, CEH, PMP, CISM, CRISC or CISSP certification
• Advanced knowledge of the security and auditing regulations (HIPAA, NIST, SOC, etc..)
• Well-versed in industry regulations and have the ability to translate complex security concepts into layman’s terms
• Ability to work effectively in diverse, multi-national and virtual environments
• Self-motivated and tenacious
• Demonstrate sound judgment and integrity
• Ability to influence delivery personnel in the execution of security and compliance requirements
• Experience of translating contractual security requirements to deliverables

What you should expect in this role

• Remote position (US only)
• Opportunities to travel through your work (0-10%)
• Video cameras must be used during all interviews, as well as during the initial week of orientation
• The deadline to submit applications for this posting is 4/30/2026