Sr. Manager, Governance, Risk & Security Compliance jobs in United States

GoHealth Urgent Care · 11 hours ago

Sr. Manager, Governance, Risk & Security Compliance

GoHealth Urgent Care is committed to making their employees feel valuable. The Sr. Manager, Governance, Risk, & Security Compliance (GRC) is responsible for developing and maturing the GRC program, leading security compliance projects, and creating standards and policies in alignment with the organization's strategic direction.
Hospital & Health Care
H1B Sponsor Likely

Responsibilities

Develop, implement, and maintain effective governance frameworks and policies to ensure organizational alignment with industry best practices and applicable regulatory compliance
Own the IT Policy, Standards and Compliance framework to ensure they are relevant, up to date, and enforced through collaboration with senior leadership across the organization
Develop and refine risk mitigation strategies and action plans to safeguard the organization against potential threats; provide clear and concise directives to perform a mitigation or compensating change in the environment
Protect business applications in compliance with privacy, security, resiliency and data privacy through partnership with vendor, business, and IT stakeholders and leaders
Own Security compliance projects / initiatives that eliminate or manage exposure to the identified risk
Collaborate with compliance leaders to stay abreast of evolving healthcare regulations, standards, and federal/state laws
Analyze and propose resources for projects or initiatives
Communicate and collaborate with executives, managers, stakeholders, and contractors
Collaborate with internal teams to ensure the secure development, deployment, and maintenance of internally developed healthcare applications
Ensure there are security assessments and audits of applications, identify vulnerabilities, and oversee remediation efforts
Provide day-to-day leadership, coaching, and development for the GRC, Technology, and security compliance team, ensuring team members have clear direction, actionable feedback, and the support needed to grow technical and leadership capabilities
Set performance expectations, establish accountability, and guide the team through complex technical, compliance, and risk-mitigation work, ensuring high-quality execution and alignment with organizational priorities
Foster a strong team culture centered on collaboration, transparency, and continuous improvement, proactively removing barriers, encouraging knowledge-sharing, and motivating the team to deliver consistent, high-impact results
Coach and support Team Members through complex and high-impact situations, helping them build confidence, clarity, and sound decision-making
Work with consultants and lead projects with contractors when needed
Provide input in strategic technical decisions and solutions to senior leadership
Manage time effectively and ensure timely communications with stakeholders, leaders and team members in communication channels
Focus on process improvement and process documentation efforts, reviewing staff and leader feedback for enhancements and changes
Identify and provide solutions to operational issues to improve data and privacy protection
Evaluate new regulatory statutes and determine their applicability and timing for implementation
Understand and articulate the key technical and operational challenges to mitigate a threat
Act as a Security compliance escalation point within the Cybersecurity team
Provide compliance consultation, training, and support to leaders and Team Members

Qualification

CISSP certification, CISM/CRISC/CISA certifications, Cloud architecture, IT security compliance, GRC SaaS platform, Risk management, Cybersecurity audit, Data governance, Leadership skills, Communication skills, Interpersonal skills, Detail-oriented, Critical thinking

Required

Bachelor's Degree or equivalent experience
CISSP certification
CISM/CRISC/CISA certifications
8+ years IT/technical experience including cloud experience
7+ years of people leadership experience
5+ years of IT security and compliance experience

Preferred

Bachelor's degree in information security, technical management, or business administration
7+ years of IT security, technology, compliance experience is preferred
Microsoft 365 Certified Security Administrator Associate

Knowledge, Skills, and Abilities

Proven work experience as Manager of GRC or similar role
In-depth understanding of the business impact from a data privacy breach of HIPAA and/or PII data
Understanding of conducting a cybersecurity audit and performing a privacy / vendor risk assessment
Experience in managing security awareness phishing and training campaigns using automated solutions
Inspiration on how best to educate and train employees against opening malicious attachments/URLs, scanning QR codes, or clicking on a smish or vish
Hands-on experience with a GRC SaaS platform such as OneTrust or Archer
Understanding risk ratings (high, critical, moderate) and the ability to form a risk-based decision of their impact from a threat
Knowledge of malware, ransomware, credentials compromise, phishing, PUP, OWASP, their impact and how to protect against them from nation state threat actors and common attackers
In-depth knowledge of legal and people/HR team investigative protocols and processes
Detail-oriented and critical thinking of technical and non-technical scenarios
Communication skills and working with other leaders / influencers
Networking knowledge: switching, MS Intune, MS conditional access, firewalls, WAN and wireless infrastructure, IoT and remote access
Experience developing, socializing, implementing, and enforcing policies, standards, and procedures
Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management, PEN testing, secure design, architecture, and hardening guidelines
Understanding of secure coding toll gates in application development lifecycle management and iterative agile methodology
Understanding of zero trust architectures and applicability
Demonstrated ability to lead, mentor, and develop high-performing technical teams, fostering accountability, trust, and continuous growth

Company

GoHealth Urgent Care

GoHealth partners with innovative and award-winning health systems to simplify and improve the way customers across the U.S.

H1B Sponsorship

GoHealth Urgent Care has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2024 (2), 2021 (1)

Funding

Current Stage
Late Stage

Leadership Team

Bob Kinard
Chief Operating Officer
Aishah S.
Manager, People Business Partner
Company data provided by crunchbase