IT Compliance Program Manager jobs in United States
cer-icon
Apply on Employer Site
company-logo

Myriad Genetics · 21 hours ago

IT Compliance Program Manager

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp

Myriad Genetics is seeking an Information Security Compliance Specialist to execute and coordinate HITRUST audit and Third-Party Risk Management activities. This role involves ensuring audit readiness, validating control effectiveness, and maintaining compliance documentation across various workstreams.

BiotechnologyPharmaceuticalPrecision Medicine
check
H1B Sponsor Likelynote

Responsibilities

Execute HITRUST CSF audit readiness and sustainment activities under the direction of Information Security Compliance leadership
Perform control evidence collection, validation, and documentation to support HITRUST assessments and ongoing compliance
Assist with control design and operating effectiveness testing, documenting results in alignment with HITRUST assessment requirements
Support coordination with internal teams to obtain timely, accurate audit evidence
Maintain organized and up-to-date audit documentation and evidence repositories to support continuous readiness
Track assigned audit findings, corrective action plans (CAPs), and remediation evidence through closure
Support third-party/vendor security risk assessments for vendors handling PII/PHI/ePHI or supporting regulated systems
Review vendor documentation, including SOC 2 Type II reports, HITRUST certifications, ISO/IEC 27001 attestations, and security questionnaires
Document identified control gaps, risks, and remediation actions in accordance with internal TPRM procedures
Assist with vendor follow-ups, evidence collection, and reassessments as required
Help maintain vendor risk records and compliance tracking to support audits and regulatory inquiries
Execute day-to-day compliance activities aligned to HITRUST CSF, HIPAA, PCI Requirements
Translate technical security implementations into clear, audit-ready documentation and control evidence
Support maintenance of policies, procedures, and control narratives to reflect current operational practices
Assist with cross-framework mappings and evidence reuse efforts to improve efficiency and consistency
Identify and escalate compliance gaps or documentation issues to Information Security Compliance leadership

Qualification

HITRUST assessmentsThird-party risk assessmentsHIPAA complianceNIST frameworksISO/IEC 27001Security toolsStakeholder communicationCloud environmentsGRC platformsDocumentation skillsOrganizational skills

Required

5+ years of experience in Information Security Compliance, IT Risk, IT Audit, or Internal Audit roles
Hands-on experience supporting or coordinating HITRUST assessments or similar security assurance programs, including readiness, evidence management, and assessor interaction
Experience working in healthcare, life sciences, or healthcare-regulated environments
Strong working knowledge of HIPAA Security and Privacy Rules and healthcare regulatory expectations
Experience conducting third-party/vendor security risk assessments
Working knowledge of NIST 800-53, NIST CSF and ISO/IEC 27001 frameworks
Ability to understand and assess technical controls related to IAM, logging/monitoring, endpoint security, vulnerability management, and cloud infrastructure
Working knowledge of security tools such as SIEM, endpoint protection, IAM, DLP, and cloud security platforms
Strong documentation, prioritization, and stakeholder communication skills
Excellent documentation, organizational, and stakeholder communication skills
Bachelor's degree in Cybersecurity, Information Systems, Health Information Management, or a related field (or equivalent experience)

Preferred

Progress toward, or intent to pursue, industry-recognized certifications such as CISA, HCISPP, HITRUST CCSFP, or CISSP
Experience supporting risk or compliance assessments in cloud environments (e.g., AWS, Azure, or GCP)
Familiarity with GRC platforms used for audit tracking, evidence management, and risk workflows (e.g., AuditBoard or similar tools)

Company

Myriad Genetics

twittertwittertwitter
Glassdoor3.6
company-logo
Myriad Genetics discovers, develops, and commercializing novel therapies for the treatment of cancer.
dateFounded in 1991
location
Salt Lake City, Utah, USA
people-size1001-5000 employees
web-link
http://www.myriad.com

H1B Sponsorship

Myriad Genetics has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (5)
2024 (9)
2023 (4)
2022 (7)
2021 (3)

Funding

Current Stage
Public Company
Total Funding
$215M
Key Investors
OrbiMed
2025-07-31Post Ipo Debt· $125M
2023-07-06Post Ipo Debt· $90M
1995-10-13IPO

Leadership Team

leader-logo
Sam Raha
CEO | President | Board member
linkedin
leader-logo
Ben Wheeler
Chief Financial Officer
linkedin

Recent News

GenomeWeb
GenomeWeb Top 40 Rises 10 Percent in 2025 As Dx Strength Compensates for Weakness in Tools Segment
2026-01-07
GenomeWeb
Zydus Lifesciences to Market Myriad Genetics Cancer Tests in India
2025-12-24
GenomeWeb
EU Unified Patent Court Rules in Favor of Myriad Genetics in Breast Cancer IP Dispute
2025-12-24
Company data provided by crunchbase