Lead GRC Analyst @ TherapyNotes, LLC | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Lead GRC Analyst jobs in United States
127 applicants
company-logo

TherapyNotes, LLC · 14 hours ago

Lead GRC Analyst

ftfMaximize your interview chances
Health CareTherapeutics

Insider Connection @TherapyNotes, LLC

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Develop and implement GRC strategies, policies, and procedures to ensure compliance with regulatory standards and industry best practices
Lead the assessment and management of risks across the organization, including conducting risk assessments, identifying gaps, and developing mitigation plans
Collaborate with cross-functional teams to integrate GRC principles into business processes and systems
Monitor regulatory changes and industry trends to ensure the organization remains compliant and proactive in addressing emerging risks
Provide guidance and training to employees on GRC policies, procedures, and best practices
Oversee the execution of audits, assessments, and compliance activities to validate adherence to compliance standards
Act as a liaison with external auditors, regulators, and stakeholders on GRC-related matters
Develop and maintain key performance indicators (KPIs) and metrics to measure the effectiveness of GRC initiatives
Mentor and coach GRC analysts, fostering their professional development and growth within the organization
Drive the execution and continual improvement of the company's information security program, including meeting HIPAA-HITECH, state, and GDPR compliance requirements
Identify and document cyber risks and manage mitigation, follow up on open security risks, and report issues to leadership
Assist with ad-hoc compliance reporting and follow up with customers and/or support partners to ensure all identified vulnerabilities are being addressed
Provide support to Information Security Incident Response team during cyber/privacy incidents
Validate that information security requirements are built into architectures and new technology projects
Ensures the running application and developing codebase protects the confidentiality, integrity, and availability of our customer's data
Evaluate the technical security posture of newly proposed third-party solutions

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information SecurityRisk ManagementGRCCISSPCISACISMCRISCGDPRHIPAAPCI-DSSCPRAISO 27001NISTSecurity SolutionsGRC FrameworksOWASPCIS StandardsCloud SolutionsWeb TechnologiesCompliance TrainingIncident ResponseCross-functional CollaborationMentoring

Required

BS degree from an accredited postsecondary institution or program in Information Security, Risk Management, Business Administration, or related field
5+ years of experience in GRC, risk management, or related fields, with demonstrated leadership experience
Strong knowledge of regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS, CPRA) and industry standards (e.g., ISO 27001, NIST)
Expert in designing, implementing, and maintaining security solutions
Experience developing and implementing GRC frameworks, policies, and procedures
Expert in OWASP, CIS and/or other security standards and secure configuration baselines
Proficiency with cloud-based solutions and web related technologies

Preferred

Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC) strongly preferred

Benefits

Employer sponsored health, dental, vision, life, and disability insurance
Retirement plan with company contribution
Annual company profit sharing
Personal development/training budget
Open, collaborative work environment
Extensive 2-week onboarding plan
Comprehensive mentorship program

Company

TherapyNotes, LLC

twittertwittertwitter
company-logo
TherapyNotes® is an online practice management system for behavioral health, featuring robust notes, scheduling, and billing features.

Funding

Current Stage
Growth Stage

Leadership Team

B
Brad Pliner
CEO
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot