Company hidden
Updated 2 days ago

Director of Security, GRC

Work format
remote (USA only)
Employment type
fulltime
Level
director
English
B2
Country
US
Vacancy from the Hirify Global list of international tech companies


Job description

TL;DR

Director of Security, GRC: Lead and scale the enterprise GRC program for a healthcare platform, with an emphasis on risk management, compliance certifications, and audit readiness. Focus on building cohesive control frameworks, managing GRC platforms such as Vanta, and ensuring alignment with regulatory and attestation requirements including SOC 2, HIPAA, SOX/ITGC, HITRUST, and CPRA.

Location: Remote, United States

Company

hirify.global is a public benefit corporation that empowers independent primary care practices through value-based care networks and platforms.

What you will do

  • Build, lead, and mature the Governance, Risk & Compliance program.
  • Own the enterprise risk management framework, risk register, and risk reporting to leadership and the Audit Committee.
  • Lead compliance and certification programs including SOC 2, HIPAA, SOX/ITGC, HITRUST, and CPRA.
  • Manage audit readiness, evidence collection, and audit execution across the Security, IT, Product, and Legal teams.
  • Oversee the Vanta platform for continuous control monitoring, evidence automation, and Trust Center management.
  • Develop and enforce policies and standards aligned with NIST, ISO 27001, HIPAA, and the NIST AI RMF.

Requirements

  • 10+ years in Governance, Risk, Compliance, or Information Security, including 5+ years in a leadership role
  • Strong knowledge of risk frameworks, attestations, and regulations: SOC 2, HIPAA, SOX/ITGC, HITRUST, CPRA
  • Experience preparing for external audits and certifications
  • Hands-on with GRC platforms like Vanta, OneTrust, or Archer
  • Ability to design and operationalize compliance programs and policies at scale
  • Excellent leadership, communication, and cross-functional collaboration skills

Nice to have

  • CISA, CISM, CRISC, or CISSP certifications
  • Deep knowledge of the NIST and ISO 27001 frameworks
  • Program management and audit coordination experience
  • Experience growing and mentoring teams

Culture & Benefits

  • Remote-first culture with flexible work schedules
  • Health, dental, vision insurance up to 80% covered
  • 21 days PTO first year, 12 weeks parental leave, 6 weeks sabbatical after 6 years
  • 401(k) with 4% match, stock options, educational reimbursements
  • Two volunteer days, 11 paid holidays
  • Collaborative, inclusive environment focused on public health mission
