
Director, IT Security & Compliance - Remote

Job

OREGON EMPLOYMENT DEPARTMENT

Remote

Part-Time

Posted 4 weeks ago (Updated 3 weeks ago) • Actively hiring

Expires 5/28/2026

Job Description

Job Listing ID: 4471388
Job Title: Director, IT Security & Compliance - Remote
Application Deadline: Open Until Filled
Job Location: Salem
Date Posted: 04/11/2026
Hours Worked Per Week: Not Provided
Shift: Not Provided
Duration of Job: Either Full or Part Time, more than 6 months
You may contact this employer directly.
Job Summary:
Job Description:
Sharecare is a digital healthcare company that delivers software and tech-enabled services to stakeholders across the healthcare ecosystem to help improve care quality, drive better outcomes, and lower costs. Through its data-driven AI insights, evidence-based resources, and comprehensive platform - including benefits navigation, care management, home care resources, health information management, and more - Sharecare helps people easily and efficiently manage their healthcare and improve their well-being. Across its three business channels, Sharecare enables health plan sponsors, health systems and physician practices, and leading pharmaceutical brands to drive personalized and value-based care at scale. To learn more, visit Sharecare.com.
Job Summary:
The Director of IT Security Compliance is responsible for leading and managing enterprise-wide security compliance, IT audit, and third-party risk management initiatives. This role ensures alignment with industry standards and regulatory requirements while overseeing certification efforts, audit processes, vendor risk evaluations, and continuous improvement of compliance programs. The Director will work cross-functionally to support business objectives while maintaining a strong security, audit, and compliance posture.
Essential Job Functions:
Certification & Audit Management
- Lead and manage all external certification audit processes, including ISO 27001, HITRUST, and SOC 1 / SOC 2.
- Serve as the primary point of contact for external auditors, certification bodies, and IT audit firms.
- Oversee IT audit readiness activities, including control design, documentation, and evidence management.
- Coordinate internal stakeholders to ensure timely and successful audit execution.
- Respond to client-driven audits and due diligence requests across all business lines.

IT Audit Oversight & Governance
- Lead internal and external IT audit engagements, including planning, scoping, execution support, and reporting.
- Ensure alignment of IT controls with audit frameworks (e.g., SOC, ISO, HITRUST, NIST).
- Partner with Internal Audit and external auditors to facilitate efficient audit cycles.
- Review audit results, assess control effectiveness, and provide strategic recommendations.
- Establish and maintain audit documentation standards, including policies, procedures, and control narratives.

Third-Party Risk Management (TPRM)
- Define and lead the enterprise third-party risk management program.
- Establish processes to assess and tier vendor risk based on data sensitivity, access, and business impact.
- Evaluate vendor risk through:
  - Business owner-completed risk assessments
  - Vendor-provided certifications (e.g., SOC 2, HITRUST)
  - Independent vendor security scorecards
- Leverage GRC tools to calculate and track inherent risk and residual risk for all vendors.
- Review vendor control environments and identify gaps against organizational and regulatory requirements.
- Partner with business owners to ensure appropriate risk acceptance, mitigation, or remediation strategies are implemented.
- Monitor vendor risk posture continuously and reassess critical vendors on a defined cadence.
- Support procurement and legal teams in embedding security and compliance requirements into vendor contracts.

Corrective Action & Findings Management
- Define, implement, and manage the internal corrective action plan (CAP) process.
- Track and drive remediation of findin...
Job Classification: Computer and Information Systems Managers

Compensation
Salary: Not Provided

Job Requirements
Experience Required: See Job Summary
Education Required: None
Minimum Age: N/A
Gender: N/A
