What You’ll Be Doing:
Grow Therapy is seeking an experienced Security Governance, Risk Management and Compliance (GRC) Lead to join our growing, remote-friendly Security team. This is the first role of its kind at Grow, and reports directly to our Head of Security.
The GRC Lead is a hands-on role, and is responsible for building and owning Grow’s Security compliance and risk management program. This position will be part of a growing group of security, legal, and compliance experts across the company and work with technology, legal and business partners to meet our risk management needs.
This role must collaborate effectively with development, engineering, and operations counterparts as well as internal and external partners to identify, articulate, prioritize, manage, and monitor security risks to protect Grow data, services, and information assets.
Responsibilities:
Develop, implement, mature, and champion risk management processes and concepts.
Deploy the risk management framework, processes, and tools to conduct risk assessments effectively and consistently.
Conduct third-party risk assessments and security reviews of third-party vendors/suppliers.
Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements.
Conduct risk assessments of business units, critical processes and information assets.
Partner with Legal and Compliance to prepare Grow for external audits and certifications (e.g HIPAA, SOC 2)
Manage our security risk posture and define and report key risk metrics to management on a regular basis
You’ll be a good fit if you have:
A minimum of 7 years of experience in information security risk management, including risk assessment and treatment, risk metrics and trend analysis
Experience building and implementing Third Party Security Risk Assessment (TPSRA) programs.
Strong knowledge of healthcare security and data privacy standards and regulations such as HIPAA, HITRUST, GDPR, CCPA, etc.
Strong analytical and problem-solving skills.
Strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams.
Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly.
Knowledge of how to use data to influence program strategy and tell compelling stories about organizational effectiveness and impact.
Salary range: $127,000 - $166,000
If you don’t meet every single requirement, but are still interested in the job, please apply. Nobody checks every box, and Grow belives the perfect candidate is more than just a resume.
