Intelligent Medical Objects
Lead Compliance Specialist
Intelligent Medical Objects, Chicago, Illinois, United States, 60290
At IMO Health, we are seeking a highly motivated
Lead Compliance Specialist
to strengthen our Governance, Risk, and Compliance (GRC) program. In this role, you will help mature our security and compliance posture by managing risk assessments, control testing, audits, and cross-functional initiatives that support regulatory and customer requirements. The ideal candidate will bring expertise in frameworks such as SOC 2, HIPAA, HITRUST, and/or ISO 27001, and experience working in a fast-paced, cloud-first environment. IMPACT YOU'LL MAKE:
As our
Lead Compliance Specialist , youll serve as a key operational leader within our compliance programhelping ensure we meet the evolving expectations of regulators, auditors, partners, and customers. Your work will ensure policies, controls, and evidence are not only audit-ready but aligned to the business. Youll help shape a culture of compliance, reduce risk, and support trust in everything we do. WHAT YOU'LL DO:
Oversee
vendor risk management
activities and manage due diligence reviews. Partner with Security and HR teams to support
training ,
awareness , and
ethics
initiatives. Track and manage
risk remediation efforts
across teams to ensure timely closure of Contribute to the
planning
and
execution
of internal and external audits (e.g., SOC 2, HIPAA, HITRUST, ISO 27001). Develop, implement, and maintain
policies ,
procedures , and
controls
aligned with regulatory requirements and industry frameworks (e.g., ISO 27001, NIST, HIPAA, HITRUST, SOC 2). Coordinate
with Legal, IT, Security, HR, and Engineering to ensure
cross-functional
compliance. Contribute to
risk assessments , including identification, analysis, and mitigation of security, privacy, compliance, and operational risks. gaps and findings. Provide
compliance guidance
and support during customer security reviews and RFPs. Drive
improvements
to GRC processes, tools, and technologies. Prepare reports for senior leadership on
GRC metrics , risks, compliance status, and emerging threats. Support
incident response
and post-incident reviews to ensure appropriate documentation, reporting, and follow-up actions. Train
and
mentor
the organization on compliance processes and expectations. Monitor regulatory
developments
and support program updates in response to changes. WHAT YOU'LL NEED:
4+ years of experience in regulatory compliance, audit, risk management, or a related field. Demonstrated expertise in
HIPAA and privacy laws , with a strong aptitude for navigating complex regulatory requirements. Familiarity with
GRC platforms
or compliance automation tools. Excellent
organizational skills
and attention to detailable to manage multiple deadlines. Strong
communication
and
interpersonal
skills to influence and align stakeholders across departments. A
collaborative
mindset with the ability to lead through influence, not just authority. Bonus Points For
Experience in healthcare, SaaS, and cloud-based environments. Understanding of compliance frameworks such as SOC 2, HITRUST, or ISO 27001. Industry certifications (e.g., CISA, CCSFP, CHPC, CIPM, or similar). Exposure to privacy regulations like GDPR, CCPA, or data protection impact assessments. Experience with customer-facing compliance support (e.g., security questionnaires, due diligence calls). Familiarity with AI compliance and emerging risk domains (a plus, not required). $75,000 - $100,000 a year Compensation at IMO Health is determined by job level, role requirements, and each candidates experience, skills, and location. The listed base pay represents the target for new hires with individual compensation varying accordingly. These figures exclude potential bonuses, equity, or sales incentives, which may also be part of the total compensation package. Our recruiter will provide additional details during the hiring process. IMO Health also offers a comprehensive benefits package. To learn more, please visit IMO Health's Careers Page . #J-18808-Ljbffr
Lead Compliance Specialist
to strengthen our Governance, Risk, and Compliance (GRC) program. In this role, you will help mature our security and compliance posture by managing risk assessments, control testing, audits, and cross-functional initiatives that support regulatory and customer requirements. The ideal candidate will bring expertise in frameworks such as SOC 2, HIPAA, HITRUST, and/or ISO 27001, and experience working in a fast-paced, cloud-first environment. IMPACT YOU'LL MAKE:
As our
Lead Compliance Specialist , youll serve as a key operational leader within our compliance programhelping ensure we meet the evolving expectations of regulators, auditors, partners, and customers. Your work will ensure policies, controls, and evidence are not only audit-ready but aligned to the business. Youll help shape a culture of compliance, reduce risk, and support trust in everything we do. WHAT YOU'LL DO:
Oversee
vendor risk management
activities and manage due diligence reviews. Partner with Security and HR teams to support
training ,
awareness , and
ethics
initiatives. Track and manage
risk remediation efforts
across teams to ensure timely closure of Contribute to the
planning
and
execution
of internal and external audits (e.g., SOC 2, HIPAA, HITRUST, ISO 27001). Develop, implement, and maintain
policies ,
procedures , and
controls
aligned with regulatory requirements and industry frameworks (e.g., ISO 27001, NIST, HIPAA, HITRUST, SOC 2). Coordinate
with Legal, IT, Security, HR, and Engineering to ensure
cross-functional
compliance. Contribute to
risk assessments , including identification, analysis, and mitigation of security, privacy, compliance, and operational risks. gaps and findings. Provide
compliance guidance
and support during customer security reviews and RFPs. Drive
improvements
to GRC processes, tools, and technologies. Prepare reports for senior leadership on
GRC metrics , risks, compliance status, and emerging threats. Support
incident response
and post-incident reviews to ensure appropriate documentation, reporting, and follow-up actions. Train
and
mentor
the organization on compliance processes and expectations. Monitor regulatory
developments
and support program updates in response to changes. WHAT YOU'LL NEED:
4+ years of experience in regulatory compliance, audit, risk management, or a related field. Demonstrated expertise in
HIPAA and privacy laws , with a strong aptitude for navigating complex regulatory requirements. Familiarity with
GRC platforms
or compliance automation tools. Excellent
organizational skills
and attention to detailable to manage multiple deadlines. Strong
communication
and
interpersonal
skills to influence and align stakeholders across departments. A
collaborative
mindset with the ability to lead through influence, not just authority. Bonus Points For
Experience in healthcare, SaaS, and cloud-based environments. Understanding of compliance frameworks such as SOC 2, HITRUST, or ISO 27001. Industry certifications (e.g., CISA, CCSFP, CHPC, CIPM, or similar). Exposure to privacy regulations like GDPR, CCPA, or data protection impact assessments. Experience with customer-facing compliance support (e.g., security questionnaires, due diligence calls). Familiarity with AI compliance and emerging risk domains (a plus, not required). $75,000 - $100,000 a year Compensation at IMO Health is determined by job level, role requirements, and each candidates experience, skills, and location. The listed base pay represents the target for new hires with individual compensation varying accordingly. These figures exclude potential bonuses, equity, or sales incentives, which may also be part of the total compensation package. Our recruiter will provide additional details during the hiring process. IMO Health also offers a comprehensive benefits package. To learn more, please visit IMO Health's Careers Page . #J-18808-Ljbffr