Cybersecurity & Compliance Manager

Cybersecurity & Compliance Manager Kinomatic Cleveland, OH Job Details Full-time $115,000 - $140,000 a year 19 hours ago Benefits Health insurance Dental insurance 401(k) Paid time off Vision insurance Flexible schedule Qualifications Endpoint Security Technical documentation Regulatory compliance CISSP Compliance audits & assessments HIPAA Security assessment

CISM AWS

Policy & process development IT experience within healthcare System risk assessment (security system operation) Access control implementation Security policy implementation Vendor relationship management Third-party risk management Identity and access management (IAM) solutions Information security auditing HCISPP Identity & access management Full Job Description The Opportunity Kinomatic is seeking a Cyber Security & Compliance Manager to establish and lead the organization's information security strategy, privacy governance, and regulatory compliance posture as we scale our healthcare technology platform. This role will serve as Kinomatic's internal leader responsible for security governance, HIPAA compliance, and risk management while partnering closely with engineering teams and our Managed Service Provider (MSP) to ensure enterprise systems and processes meet regulatory and security standards. Responsibilities Establish and mature Kinomatic's information security program, including security policies, governance processes, risk management practices, and internal security awareness. Lead company-wide security awareness initiatives and training to promote secure handling of PHI and company data. Lead coordination of security incident response, working with engineering teams, leadership, and MSP to investigate and respond to potential security incidents. Provide security guidance to leadership on technology risk, security investments, and compliance priorities. Serve as the organization's HIPAA Security and Privacy Officer responsible for PHI protection and regulatory compliance. Lead security risk assessments, threat modeling, and vendor security reviews across infrastructure, applications, and third-party services. Develop and maintain core security documentation including incident response plans, data retention policies, access control policies, and security standards. Serve as the internal owner of the MSP relationship, defining security requirements and ensuring operational IT practices align with company security standards. Oversee identity and access management practices including least privilege access, MFA enforcement, and secure onboarding/offboarding processes. Provide security governance for enterprise systems including Microsoft 365, endpoint management, and enterprise SaaS tools. Develop policies and guardrails for responsible AI usage and ensure internal tools do not expose PHI or sensitive company data. Education Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent hands-on experience in information security, cybersecurity, or compliance within a regulated environment.

Relevant certifications preferred such as:

CISSP, CISM, CISA, or HCISPP Required Knowledge, Skills and Abilities Strong understanding of healthcare regulatory frameworks including HIPAA security and privacy requirements. Experience implementing security governance programs using frameworks such as NIST Cybersecurity Framework. Knowledge of identity and access management, endpoint security, and enterprise SaaS security practices. Experience managing or coordinating with Managed Service Providers or enterprise IT vendors. Ability to conduct security risk assessments, vendor security reviews, and compliance audits. Strong documentation and policy development skills. Ability to communicate complex security concepts to technical and non-technical stakeholders. Experience operating in a regulated healthcare, medtech, or medical device environment. Preferred Qualifications Experience supporting healthcare technology or medical device software organizations. Familiarity with security considerations related to FDA-regulated software development. Experience supporting security governance in cloud-based environments such as AWS Kinomatic is transforming orthopedic surgery through proprietary 3D visualization and VR technology that enables surgeons to rehearse procedures before entering the operating room. As we expand our direct-to-patient presence, we are building the scalable growth engine that powers awareness, education, and long-term advocacy. Kinomatic is an equal opportunity employer and considers applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other protected characteristics.

Pay:

$115,000.00 - $140,000.00 per year

Benefits:

401(k) Dental insurance Flexible schedule Health insurance Paid time off Vision insurance

Work Location:

Hybrid remote in Cleveland, OH 44113