Security and Compliance Manager
OpalaChattanooga, TN, US3 days ago
Job type
- Full-time
Job descriptionBachelor's degree in information security, risk management, or related field (or equivalent experience). 6+ years of experience in security, compliance, or risk management roles, with 3+ years in a leadership capacity. 3+ years of vendor management experience. Experience working with SOC 2, HIPAA, and HITRUST frameworks. Experience working in a Cloud-based SaaS Platform. Familiarity with healthcare data security and PHI handling. Experience with Drata's GRC and compliance automation platform. Strong organizational skills and ability to manage multiple audit and certification workstreams. Excellent written and verbal communication skills, with the ability to translate compliance requirements into clear actions for engineering and business teams. Hands-on experience modernizing segregation of duties in a highly regulated environment. Hands-on experience integrating Drata with external services : Entra ID, Azure, AWS, etc. Experience working in sprint-based Agile Development Methodology. Security certifications such as CISA, CISM, or CISSP. Experience with NIST 800-53, Cloud Security Alliance (CSA), and Center for Internet Security (CIS). Experience working in healthcare or other regulated industries. Exposure to enterprise architecture frameworks such as TOGAF. Experience building compliance roadmaps in early-stage startups. Exposure to Containerization platforms like Docker, Kubernetes, or VMware Tanzu. Exposure to Serverless platforms like Azure Functions, AWS Lambda. Exposure to Big Data platforms like Hadoop, Databricks, Snowflake, Kafka, Cloudera. Exposure to DevSecOps. Exposure to DevOps Squad Organization Model. The Seattle base salary range for this full-time position is $163k-$192k. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Benefits include medical, dental, vision, life and AD&D insurance, EAP, short-term and long-term disability, 16 days PTO, 8 paid holidays, fully paid holiday closure, parental and family medical leave, 401k, stock options and annual bonuses and salary increases based on merit. At Opala, we believe that diversity and inclusivity are critical to our success. We encourage and value diverse perspectives and experiences, and we believe that they are essential for driving innovation and creating products that meet the needs of our diverse customer base.
Security & Compliance Manager
Opala develops healthcare products that tackle the most complex data challenges faced by payers and providers. As a startup originating from a major healthcare plan in the Northwest, we combine deep health-tech expertise with top-tier data and software engineering talent to create products that our customers find meaningful and valuable. These data products empower payers and their partners to find timely insights and take action to intervene in areas like value-based care analytics, interoperability compliance, and real-time streaming of clinical data. In this remote position, we are seeking a Security & Compliance Manager to lead Opala's compliance and risk management program in a fast-moving healthcare data startup environment. This role owns our audit roadmap (SOC 2, HIPAA, HITRUST), ensures compliance with regulatory frameworks, and drives customer trust by managing security reviews, vendor assessments, and evidence collection. This role is two-fold. As a strategic leader, you will be guiding our compliance roadmap, managing our MSP (IT + SOC / MDR), and interfacing with auditors. As a hands-on contributor, you will be partnering with engineering squads and our Security & Compliance Team to operationalize evidence gathering and process maturity.
Responsibilities
- Own and maintain the company's Information Security Management System (ISMS).
- Lead annual and recurring compliance certifications (SOC 2, HIPAA, HITRUST).
- Respond to customer security questionnaires and due diligence requests.
- Oversee vendor risk management, including contracts, reviews, and security posture assessments.
- Manage MSP performance (IT and SOC / MDR) and ensure evidence feeds align with audit requirements.
- Mentor and guide other Engineers and Stakeholders in evidence collection, reporting, and process maturity.
- Define, implement, and maintain security policies, standards, and procedures.
- Serve as the main point of contact for auditors, regulators, and external security partners.
- Report compliance and risk posture to leadership and the board.
Competencies
Preferred Qualifications
Benefits
Diversity and Inclusivity Statement
Opala is an equal opportunity employer and makes employment decisions on the basis of merit. We are committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.
Create a job alert for this search
Security Compliance Manager • Chattanooga, TN, US
Related jobs
NOTE : This position must be performed in Washington, DC so relocation to Washington, DC will be required.Recruitment Incentive : Applicants may be eligible for a $50,000 recruitment incentive in acc...Show moreLast updated: 4 days ago
Market Supervisor / Multi-Unit Supervisor.This position is the highest management position at the drive-in and is responsible for leading and managing the drive-ins operations and employees.Recruit, ...Show moreLast updated: 1 day ago
At Dollar General, our mission is Serving Others! We value each and every one of our employees.Whether you are looking to launch a new career in one of our many convenient Store locations, Distribu...Show moreLast updated: 2 days ago
This Engineer role, part of GSOC's Security Operations department, is responsible for protecting the cyber assets that support GSOC and GTC's digital operations.
The position focuses on conducting c...Show moreLast updated: 30+ days ago
Why Work for Domino’s / What We are Offering Our Great Team Members.We are the number 1 pizza company in the world!.Learn and sharpen your business skills as a manager for Domino's Pizza by...Show moreLast updated: 30+ days ago
State of Tennessee Job Information.LOCATION OF (350) POSITION(S) TO BE FILLED : DEPARTMENT OF CHILDREN'S SERVICES, CHILD AND FAMILY MANAGEMENT DIVISION, STATEWIDE.
The DCS Case Manager 1 • position ha...Show moreLast updated: 30+ days ago
We're currently seeking a Compliance Specialist to support the firm's Compliance Program.You will report to Manager-Compliance Operations.
Minimum two (2) years of Compliance and / or regulatory exper...Show moreLast updated: 12 hours ago
Ready to be pushed beyond what you think youre capable of?.At Coinbase, our mission is to increase economic freedom in the world.
Its a massive, ambitious opportunity that demands the best of us, ev...Show moreLast updated: 3 days ago
MANAGER IN TRAINING JOB SUMMARY : .The Manager in Training (MIT) is a future restaurant leader.MITs are learning what they need to know to become directly responsible for the day-to-day operations an...Show moreLast updated: 30+ days ago
Identity Access Management (IAM) Manager - Cyber Security.This position is 100% remote within the Bank's footprint.Employee will work full time remote outside of a WesBanco location (may occasional...Show moreLast updated: 4 days ago NOTE : This position must be performed in Washington, DC so relocation to Washington, DC will be required.Recruitment Incentive : Applicants may be eligible for a $50,000 recruitment incentive in acc...Show moreLast updated: 4 days ago The Supervisor, Security Engineering plays a key role in developing and administering GSOC's Critical Infrastructure Protection Program and other security initiatives to ensure cyber security of pr...Show moreLast updated: 30+ days ago 
This position is the highest management position at the drive-in and is responsible for leading and managing the drive-in's operations and employees.
Recruit, interview, hire, onboard, train, manage...Show moreLast updated: 12 hours ago This Engineer role, part of GSOC's Security Operations department, is responsible for protecting the cyber assets that support GSOC and GTC's digital operations.
The position focuses on conducting c...Show moreLast updated: 30+ days ago 
As an Assistant Store Manager (ASM), you’ll support our customers through real financial needs while gaining hands-on experience running a store.
You’ll develop your leadership skills in...Show moreLast updated: 25 days ago
The Director of Relay, Protection and Apparatus Testing and Commissioning oversees a department within Technical Services Division of Service Electric Company to install, test, repair, commission, ...Show moreLast updated: 3 days ago
Director Of It Governance, Risk, And Compliance.BlueCross BlueShield of Tennessee is seeking a strategic and experienced Director of IT Governance, Risk, and Compliance to lead our enterprise-wide ...Show moreLast updated: 30+ days ago
Ferroglobe is one of the world's leading suppliers of silicon metal, silicon-based and manganese-based specialty alloys and ferroalloys, serving a customer base across the globe in dynamic and fast...Show moreLast updated: 30+ days ago
- Promoted
Uniformed Security Specialist
The United States Secret ServiceChattanooga, TN, United StatesFull-time
- Promoted
General Store Manager in Training
Sonic Drive-InOoltewah, TN, USFull-time
- Promoted
STORE MANAGER IN TRENTON, GA
Dollar GeneralTrenton, Georgia, United StatesFull-time
Security Operations Engineer, (Level III- V)
Georgia System Operations CorporationGeorgia, GA, USAFull-time
Quick Apply
- Promoted
Domino's General Manager in Training - (LaFayette) - Great pay, Bonus & Incentives (3573)
Domino'sLaFayette, GA, USFull-time
- Promoted
DCS CASE MANAGER 1 • - EG - 04012025- 66745
State of TennesseeTracy City, TN, United StatesFull-time +1
- Promoted
- New!
Compliance Specialist
World InsuranceChattanooga, TN, USFull-time
- Promoted
Manager, Risk Analytics
CoinbaseChattanooga, TN, USFull-time
Manager in Training
BojanglesDalton, GA, USFull-time
- Promoted
Identity Access Management (IAM) Manager - Cyber Security - Wheeling, WV
WesBanco Bank Inc.Chattanooga, TN, United StatesFull-time +1
- Promoted
Uniformed Division Security Specialist
The United States Secret ServiceChattanooga, TN, United StatesFull-time
Supervisor, Security Engineering
Georgia System Operations CorporationGeorgia, GA, USAFull-time
Quick Apply
- Promoted
- New!
General Store Manager in Training
SonicSoddy Daisy, TN, USFull-time
Security Operations Engineer (Levels III - V)
Georgia System Operations CorporationGeorgia, GA, USAFull-time
Quick Apply
- Promoted
Assistant Store Manager
Community Choice Financial Family of BrandsDayton, TN, USFull-time
- Promoted
Director of Relay, Protection and Apparatus Testing and Commissioning
Service Electric CompanyChattanooga, TN, USFull-time
- Promoted
Director IT Governance, Risk and Compliance
BlueCross BlueShield of TennesseeChattanooga, TN, USFull-time
- Promoted
Environment Health and Safety Manager
Ferroglobe PLCBridgeport, AL, United StatesFull-time