TherapyNotes, LLC

TherapyNotes™ is the industry-preferred online EHR for behavioral health. Try one month free!

Lead GRC Analyst

Compliance, Full Time, Remote, Team 51-200, Since 2010, H1B No Sponsor

Location

United States

Posted

10 days ago

Salary

$125K - $165K / year

Bachelor Degree, 5 yrs exp, English, Cloud

Job Description

  • Architect, implement, and continuously mature the organization’s Governance, Risk, and Compliance (GRC) program
  • Lead organization-wide risk identification, analysis, and treatment processes
  • Lead end-to-end third-party risk management activities
  • Conduct formal risk assessments across infrastructure, application, vendor, and business process domains
  • Collaborate with cross-functional teams to integrate GRC principles into business processes and systems
  • Monitor evolving regulatory requirements, enforcement trends, and industry best practices
  • Provide guidance and training to employees on GRC policies, procedures, and best practices
  • Oversee the execution of audits, assessments, and compliance activities
  • Ensure documentation artifacts support evidentiary requirements for regulatory examinations and certification audits
  • Act as a liaison with external auditors, regulators, and stakeholders on GRC-related matters
  • Develop and maintain key performance indicators (KPIs) and metrics to measure the effectiveness of GRC initiatives
  • Mentor and coach GRC analysts, fostering their professional development and growth within the organization
  • Drive continual improvement of the organization’s information security program
  • Identify and document cyber risks and manage mitigation
  • Assist with ad-hoc compliance reporting
  • Provide support to Information Security Incident Response team
  • Review architectural designs and new technology initiatives

Job Requirements

  • BS degree in Information Security, Risk Management, Business Administration, or related field
  • 5+ years of experience in GRC, risk management, or related fields, with demonstrated leadership experience
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC) strongly preferred
  • Strong knowledge of regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS, CPRA) and industry standards (e.g., ISO 27001, NIST)
  • Expert in designing, implementing, and maintaining security solutions
  • Understanding of modern approaches to GRC such as Policy-as-Code and Compliance-as-Code
  • Experience developing and implementing GRC frameworks, policies, and procedures
  • Excellent analytical skills with the ability to assess complex risks and develop effective mitigation strategies
  • Exceptional communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organization
  • Proven ability to lead and manage projects, including coordinating cross-functional teams and delivering results on time
  • Ability to adapt to a fast-paced and dynamic environment, with a focus on continuous improvement and innovation
  • Proficiency with security standards and secure configuration baselines such as CIS or OWASP
  • Proficiency with cloud-based solutions and web-related technologies

Benefits

  • Employer sponsored health, dental, vision, life, and disability insurance
  • Retirement plan with company contribution
  • Annual company profit sharing
  • Personal development/training budget
  • Open, collaborative work environment
  • Extensive 2-week onboarding plan
  • Comprehensive mentorship program
