IT Compliance Manager

Cirtec Medical
paid time off, 401(k)
United States, Minnesota, Brooklyn Park
9200 Xylon Avenue North
Mar 18, 2026

Description

About us:

For over three decades, Cirtec Medical has been a leading outsourcing partner for complex medical devices. We specialize in providing comprehensive solutions for Class II and III devices, from design and development to precision components and finished device assembly. Our expertise spans neuromodulation, implantable drug delivery, cardiac rhythm management, structural heart, mechanical circulatory support, and minimally invasive surgical systems.

Our dedicated teams prioritize growth, innovation, and collaboration. We actively seek opportunities for improvement to enhance our support for clients. If you embrace a growth mindset and thrive on challenges, you may be a perfect fit for our team!

Position Summary:

We are seeking an IT Compliance Manager to lead and manage the organization's information security governance, risk, and compliance programs. This role will own and maintain our ISO27001 Information Security Management System (ISMS) and SOC2 compliance program, ensuring ongoing certification readiness and successful audit cycles. The role will manage our compliance program using Drata, coordinate with internal control owners, and serve as the primary liaison with auditors. This position works closely with IT, engineering, and business teams to ensure security controls are implemented, documented, and maintained across the organization. This role is focused on security governance and compliance program management, not hands-on infrastructure administration.

Key Responsibilities:

Compliance & Certification Management

  • Own and maintain the organization's ISO27001 ISMS
  • Manage ongoing SOC2 Type II compliance program
  • Maintain control framework within Drata
  • Ensure evidence collection and control validation
  • Coordinate external audit engagements
  • Manage annual surveillance and recertification audits
  • Maintain compliance documentation and audit artifacts

Governance, Risk & Policy Management
  • Maintain and update security policies and standards
  • Manage the enterprise risk register and risk treatment plans
  • Conduct periodic risk assessments
  • Track remediation activities and control gaps
  • Ensure alignment between policies, controls, and technical implementations

Control Management & Internal Coordination
  • Work with IT and engineering teams to ensure controls are implemented and functioning
  • Assign and track control ownership across departments
  • Monitor compliance posture using Drata dashboards and reports
  • Coordinate evidence collection across control owners
  • Facilitate internal compliance reviews

Vendor & Third-Party Risk
  • Manage vendor security review process
  • Maintain vendor risk assessment documentation
  • Support procurement with security due diligence
  • Track vendor compliance obligations


Security Program Support
  • Coordinate security awareness training programs
  • Support incident response documentation and post-incident reviews
  • Assist with customer security questionnaires
  • Provide support for regulatory and customer security inquiries

Must Have:

  • Bachelor's degree
  • 5+ years in information security, risk, or compliance
  • Experience managing SOC2 and/or ISO27001 programs
  • Experience working with GRC platforms (Drata, Vanta, Secureframe, or similar)
  • Experience coordinating external security audits
  • Strong understanding of security control frameworks
  • Experience managing risk registers and remediation tracking
  • Strong documentation and organizational skills
  • Ability to coordinate across technical and business teams

Good to have:

  • ISO27001 Lead Implementer or Lead Auditor
  • CISA, CISM, or CRISC
  • Experience working in regulated industries
  • Experience supporting SOC2 Type II audits
  • Familiarity with vulnerability management and security operations processes

Salary Range: 80,000 to 95,000, depending on skills and experience.

Cirtec Medical Corporation considers for employment and hires qualified candidates without regard to age, race, religion, color, sex, sexual orientation, gender identity, national origin, ancestry, protected veteran or disability status or any factor prohibited by law. Cirtec Medical Corporation and all of its related companies fully endorse equal opportunity for all. Cirtec Medical provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in the job application process.

We work to create a culture that is built on innovation, respect, transparency and communication, and hope you take pride in being a member of our team. It is Cirtec's goal to create a great work environment and to keep the company a great place to work. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. Our benefits include training and career development; healthcare and well-being programs including medical, dental, vision, wellness and occupational health programs; paid time off; and 401(k) retirement savings with a company match.
