
Security Manager

Job in Tampa, Hillsborough County, Florida, 33646, USA
Listing for: Hearst Communications, Inc.
Full Time position
Listed on 2026-02-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below

Overview

The Security Manager will lead, implement, and maintain our security, privacy, and certification programs for Market Prominence. This role will be responsible for designing and operationalizing SOC 2-compliant policies, managing our GRC platform, coordinating audits, ensuring readiness for external assessments, and serving as a key resource for client security requests. The Security Manager will work cross-functionally as an individual contributor with Engineering, Security, HR, and Operations teams to ensure our controls are well-designed, consistently implemented, and documented in alignment with regulatory requirements and industry best practices.

This position is hybrid and can be based in Tampa, FL or Guilford, CT.

Key Responsibilities
  • Certification Program Development
    • Lead the company’s SOC 2 Type II and HIPAA compliance initiatives from planning through certification.
    • Develop, draft, and maintain security, IT, and privacy policies aligned with SOC 2, HIPAA, NIST, and other relevant standards.
    • Establish and maintain a security roadmap, including milestones, control gaps, remediation steps, and timelines.
  • GRC Tool Ownership
    • Implement, configure, and administer the company’s GRC platform.
    • Map controls, evidence sources, workflows, and automated tests within the GRC tool.
    • Ensure continuous monitoring and automated evidence collection are accurate and functioning.
    • Work with the Market Prominence team to correct any findings.
  • Audit & Certification Management
    • Serve as the primary liaison for external auditors, assessors, and compliance partners.
    • Prepare audit-ready documentation, evidence, and controls for SOC 2 Type II and HIPAA audits.
    • Coordinate and track internal control testing and remediation actions.
    • Maintain readiness for annual recertification and surveillance audits.
  • Policy & Process Implementation
    • Train internal teams on new policies, procedures, and compliance requirements.
    • Collaborate with Engineering and DevOps to implement technical security controls (e.g., logging, access management, encryption, vulnerability management).
    • Ensure proper implementation and documentation of administrative, physical, and technical safeguards required for HIPAA.
  • Client Security Requests
    • Manage client and prospect security questionnaires.
    • Maintain standardized responses and supporting documentation.
    • Participate in security review calls with clients as needed.
  • Risk Management & Internal Oversight
    • Maintain the Market Prominence risk register and ensure timely risk assessments.
    • Oversee third-party vendor security evaluations and monitoring.
    • Participate in incident response planning, tabletop exercises, and post-incident reviews.
    • Monitor and report on compliance KPIs and risk posture to leadership.
  • Continuous Improvement
    • Stay current with regulatory requirements and industry frameworks (e.g., SOC 2, HIPAA).
    • Recommend and implement improvements to enhance the company’s security and compliance posture.
    • Evaluate and introduce new tools, processes, and automation opportunities.
Skill Requirements
  • 3–7+ years of experience in security, compliance, IT risk, or a related field.
  • Direct experience with SOC 2 Type II and/or HIPAA compliance initiatives.
  • Strong familiarity with common GRC tools and compliance automation platforms.
  • Experience drafting policies, procedures, and technical security documentation.
  • Ability to manage audits, communicate with auditors, and gather required evidence.
  • Understanding of security best practices (access control, encryption, logging, vulnerability management, cloud security).
  • Excellent organizational, project management, and cross-functional communication skills.
Education/Certification Requirements
  • Bachelor’s Degree or relevant certifications
Additional Competency Requirements
  • Experience in a SaaS, cloud-native, or healthcare IT environment.
  • Knowledge of AWS, Azure, or other cloud security frameworks.
  • Experience with HITRUST, ISO 27001, or NIST frameworks.
  • Relevant certifications (e.g., CISSP, CISA, CISM, HCISPP, Security+, CCSFP).
  • The successful candidate must be able to complete a background check and drug screening.

At MHK we help health plans and pharmacy benefit managers deliver optimal care management across…
