IT Compliance & Risk Lead

This role leads IT compliance and risk management, owning HIPAA and PCI-DSS programs, policies, audits, and risk tracking. It oversees SOC operations, vulnerability remediation, incident response, access controls, vendor risk, and security training. The first year focuses on building core processes like risk assessments, access reviews, and incident response. Success is measured by clean audits, timely remediation, and improved security practices.