ZipRecruiter

Log In

1

Ccsfp Jobs (NOW HIRING)

Hearst

Security Manager

Tampa, FL · On-site

Relevant certifications (e.g., CISSP, CISA, CISM, HCISPP, Security+, CCSFP ). * Successful candidate must be able to successfully complete a background check and drug screening. At MHK we help health ...

OSG

GRC Cybersecurity Lead

Carol Stream, IL · On-site

CISSP, CISA, CISM, CRISC, CIPP, HCISPP, HITRUST CCSFP, or PCI ISA. • Experience in healthcare, financial services, fintech, payments, or other heavily regulated industries. • Hands-on experience ...

Hearst Health

Security Manager

Tampa, FL · On-site

Relevant certifications (e.g., CISSP, CISA, CISM, HCISPP, Security+, CCSFP ). * Successful candidate must be able to successfully complete a background check and drug screening. At MHK we help health ...

Hearst

Security Manager

Tampa, FL · On-site

Relevant certifications (e.g., CISSP, CISA, CISM, HCISPP, Security+, CCSFP ). * Successful candidate must be able to successfully complete a background check and drug screening. At MHK we help health ...

Wayspring

Manager, Security

Buffalo, NY · On-site

... CCSFP maintenance). We are eager to support your continued development in this role. Responsibilities of the Manager, Security * Runs client security due-diligence as a sales-enablement function.

Hearst

Security Manager

Tampa, FL · On-site

Relevant certifications (e.g., CISSP, CISA, CISM, HCISPP, Security+, CCSFP ). * Successful candidate must be able to successfully complete a background check and drug screening. At MHK we help health ...

Strata Decision Technology

Senior GRC Associate

Chicago, IL · On-site

$70K - $94K/yr

CCSFP, CRISC, CISA Estimated Salary Range: $70,000 - $94,000 Actual salary will be determined based on factors including, but not limited to, skill set and level of experience. This salary range is a ...

Wayspring

Manager, Security

Nashville, TN · On-site

... CCSFP maintenance). We are eager to support your continued development in this role. Responsibilities of the Manager, Security * Runs client security due-diligence as a sales-enablement function.

OneStudyTeam

Senior Security Compliance Analyst

$110K - $140K/yr

ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. * Experience leading ISO 27001, SOC2, or HITRUST audits, including ISMS implementation and external audit coordination.

next page

Showing results 1-20

All JobsCcsfp Jobs

Ccsfp information

See salary details

$61.5K

$89.7K

$110K

How much do ccsfp jobs pay per year?

As of Jun 16, 2026, the average yearly pay for ccsfp in the United States is $89,678.00, according to ZipRecruiter salary data. Most workers in this role earn between $70,500.00 and $108,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Ccsfp position, and why are they important?

To thrive as a CCSFP (Certified Cybersecurity Framework Professional), you need a thorough understanding of cybersecurity frameworks (such as HITRUST CSF, NIST, or ISO 27001), risk management, and compliance regulations, typically backed by relevant experience and industry-recognized certifications. Familiarity with assessment tools, audit software, and governance, risk, and compliance (GRC) platforms is commonly required. Strong analytical thinking, meticulous attention to detail, and effective communication help professionals excel when working with clients or cross-functional teams. These skills ensure proper evaluation of security controls, successful client interactions, and effective guidance in meeting compliance standards.

What kind of career growth can I expect as a CCSFP?

As a CCSFP, you benefit from strong career growth opportunities in the cybersecurity and compliance domains, with potential paths leading to senior consultant, manager, or director roles in risk management and information security. Your expertise in complex cybersecurity frameworks is highly valued in industries such as healthcare, finance, and technology, opening doors to specialized advisory or leadership positions. Many professionals also broaden their credentials by pursuing advanced certifications like CISSP or CISA. The demand for compliance and risk professionals continues to grow, allowing skilled CCSFPs to shape the future of organizational security and compliance strategies.

What is a CCSFP job?

A CCSFP (Certified CSF Practitioner) is a cybersecurity professional specializing in the HITRUST Common Security Framework (CSF). They help organizations assess, implement, and maintain compliance with HITRUST CSF requirements. Their role often includes risk assessments, gap analyses, and advisory services to ensure organizations meet security and regulatory standards. CCSFPs typically work in healthcare, finance, and other regulated industries that require strong data protection.

More about Ccsfp jobs
What job categories do people searching Ccsfp jobs look for? The top searched job categories for Ccsfp jobs are:
Ccsfp jobs near you
Infographic showing various Ccsfp job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights an 90% Physical, and 10% Remote job distribution, with an average salary of $89,678 per year, or $43.1 per hour.
Security Manager

Security Manager

Hearst

Tampa, FL • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 3 days ago

Hearst rating

6.8

Company rating: 6.8 out of 10

Based on 25 frontline employees who took The Breakroom Quiz

48th of 65 rated media

Job description

Job Description
The Security Manager will lead, implement, and maintain our security, privacy, and certification programs for MarketProminence. This role will be responsible for designing and operationalizing SOC2 compliant policies, managing our GRC platform, coordinating audits, ensuring readiness for external assessments, and serving as a key resource for client security requests.This Security Manager will work as an individual contributor cross-functionally with Engineering, Security, HR, and Operations teams to ensure our controls are well-designed, consistently implemented, and documented in alignment with regulatory requirements and industry best practices. This position can be based Hybrid in Tampa, FL or Guilford, CT.
Key Responsibilities:
Certification Program Development
  • Lead the company's SOC 2 Type II and HIPAA compliance initiatives from planning through certification.
  • Develop, draft, and maintain security, IT, and privacy policies aligned with SOC 2, HIPAA, NIST, and other relevant standards.
  • Establish and maintain a security roadmap, including milestones, control gaps, remediation steps, and timelines.

GRC Tool Ownership
  • Implement, configure, and administer the company's GRC platform.
  • Map controls, evidence sources, workflows, and automated tests within the GRC tool.
  • Ensure continuous monitoring and automated evidence collection is accurate and functioning.
  • Work with MarketProminence team to correct any findings.

Audit & Certification Management
  • Serve as the primary liaison for external auditors, assessors, and compliance partners.
  • Prepare audit-ready documentation, evidence, and controls for SOC 2 Type II and HIPAA audits.
  • Coordinate and track internal control testing and remediation actions.
  • Maintain readiness for annual recertification and surveillance audits.

Policy & Process Implementation
  • Train internal teams on new policies, procedures, and compliance requirements.
  • Collaborate with Engineering and DevOps to implement technical security controls (e.g., logging, access management, encryption, vulnerability management).
  • Ensure proper implementation and documentation of administrative, physical, and technical safeguards required for HIPAA.

Client Security Requests
  • Manage client and prospect security questionnaires.
  • Maintain standardized responses and supporting documentation.
  • Participate in security review calls with clients as needed.

Risk Management & Internal Oversight
  • Maintain the MarketProminence risk register and ensure timely risk assessments.
  • Oversee third-party vendor security evaluations and monitoring.
  • Participate in incident response planning, tabletop exercises, and post-incident reviews.
  • Monitor and report on compliance KPIs and risk posture to leadership.

Continuous Improvement
  • Stay current with regulatory requirements and industry frameworks (e.g., SOC 2, HIPAA).
  • Recommend and implement improvements to enhance the company's security and compliance posture.
  • Evaluate and introduce new tools, processes, and automation opportunities.

Skill Requirements:
  • 3-7+ years of experience in security, compliance, IT risk, or related field.
  • Direct experience with SOC 2 Type II and/or HIPAA compliance initiatives.
  • Strong familiarity with common GRC tools and compliance automation platforms.
  • Experience drafting policies, procedures, and technical security documentation.
  • Ability to manage audits, communicate with auditors, and gather required evidence.
  • Understanding of security best practices (access control, encryption, logging, vulnerability management, cloud security).
  • Excellent organizational, project management, and cross-functional communication skills.

Education/Certification Requirements:
  • Bachelor's Degree or relevant certifications

Additional Competency Requirements:
  • Experience in a SaaS, cloud-native, or healthcare IT environment.
  • Knowledge of AWS, Azure, or other cloud security frameworks.
  • Experience with HITRUST, ISO 27001, or NIST frameworks.
  • Relevant certifications (e.g., CISSP, CISA, CISM, HCISPP, Security+, CCSFP).
  • Successful candidate must be able to successfully complete a background check and drug screening.

At MHK we help health plans and pharmacy benefit managers deliver optimal care management across every member's health journey. We do this through state-of-the-art technology that provides critical insights from member enrollment and maintenance through every stage of care and compliance. We believe that long-term partnerships are built on trust. Our team members are expected to build trusted advisory relationships-with MHK clients and one another-through responsive, transparent communication, while honoring commitments, and tying that trust to outcomes.
Benefits Snapshot:
  • Medical, vision, and dental plans for full time employees
  • 401(k) offered with a generous match
  • Benefits begin on first day of the month following employment
  • Exercise/Health Club reimbursement opportunity
  • Monthly dependent care reimbursement opportunity
  • Short Term and Long-Term disability
  • Basic Term Life and AD&D Insurance
  • Generous PTO and Company Paid Holidays

EQUAL OPPORTUNITY EMPLOYER - VETERANS/DISABLED. Always be aware ofRecruitment Fraud

What Hearst employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply