Experienced HITRUST Assessment Manager​/Panama Panama; Remote

Experienced HITRUST Assessment Manager / Panama

* This is a hybrid position for candidates located in Panama City only. Employees are expected to attend the office three times per week. Our office is located in the Obarrio neighborhood.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS, HITRUST, CMMC, and FedRAMP frameworks.

We’re not your traditional audit firm —we’re tech-enabled
, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms
, with 180+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC
.

The HITRUST Assessment Manager is responsible for leading and managing HITRUST readiness and validated assessment engagements for clients, with a focus on healthcare and other highly regulated industries. This role combines hands‑on assessment work with people leadership, overseeing a Panama-based team that supports global clients. It ensures high-quality deliverables, efficient project execution, and a consistent, standards-driven approach aligned with the HITRUST CSF and related frameworks.

• Lead multiple concurrent HITRUST readiness and validated assessment engagements from planning through reporting.
• Develop and execute assessment plans, including scope, objectives, timelines, and resource allocation.
• Conduct and oversee comprehensive risk and gap assessments against the HITRUST CSF, including control design and operating effectiveness testing.
• Review client policies, procedures, technical configurations, and evidence to evaluate conformance with HITRUST CSF, HIPAA, and related regulatory expectations.
• Develop clear, actionable remediation recommendations and roadmaps to support clients’ certification or recertification efforts.
• Directly supervise a team of HITRUST assessors/consultants, including assigning work, providing coaching, and performing performance feedback and periodic evaluations.
• Review and quality-check team deliverables (work papers, test results, reports) to ensure alignment with firm methodology and HITRUST requirements.
• Provide ongoing training, mentoring, and technical guidance to develop the team’s HITRUST, security, and audit capabilities.
• Help build a positive, collaborative culture that emphasizes quality, client service, and continuous improvement.

• Contribute to the design, enhancement, and maintenance of the firm’s HITRUST methodology, templates, and work programs in alignment with the HITRUST Assessment Handbook and Risk Management Handbook.
• Stay current on HITRUST CSF updates, emerging guidance, and related frameworks (e.g., NIST, ISO 27001, SOC 2, HIPAA) and translate changes into internal procedures and client guidance.
• Support internal quality assurance reviews and remediation of identified process gaps.
• Collaborate with cross-functional teams (e.g., SOC, ISO, PCI) to promote consistent, integrated service delivery.

• Assist leadership in estimating the level of effort, scoping new engagements, and contributing to proposals and statements of work.
• Participate in client presentations, onboarding calls, and status meetings.
• Contribute to thought leadership (e.g., internal training, knowledge articles, or external content) related to HITRUST, cybersecurity, and risk management.

• Deep understanding of the HITRUST CSF, assessment types (e.g., e1, i1, r2), and certification lifecycle (readiness, validated assessment, interim assessment, recertification).
• Strong knowledge of information security and privacy principles, particularly in healthcare or other regulated environments (HIPAA/HITECH, GDPR, NIST 800-53, ISO 27001, SOC 2, PCI, etc.).
• Experience evaluating and testing administrative,…