
Director-Governance, Risk, and Compliance (GRC)

Remote-USA

About the Role

We seek an experienced Director of Governance, Risk, and Compliance (GRC) to lead our security and compliance efforts and drive our organization's goal of achieving StateRAMP and FedRAMP certifications. The ideal candidate will be a seasoned professional with extensive experience in the state and federal space, bringing expertise in standards, assessments, and frameworks such as NIST 800-53, ISO 27001, and SOC 2, among others. This position requires a great communicator and strategic thinker who can manage compliance initiatives, lead audits, and ensure adherence to applicable regulations while collaborating with internal and external stakeholders.

This is a highly visible role reporting to the CISO and will allow you to impact our organization significantly.

A Day in the Life

Strategic Leadership:

    • Develop and implement a comprehensive GRC strategy aligned with the organization’s objectives, particularly for StateRAMP and FedRAMP certifications.
    • Drive risk and compliance programs and ensure alignment with frameworks, standards and regulations.
    • Collaborate closely with the CISO to integrate GRC initiatives into broader security and risk management strategies.
    • Participate in and lead cross-organizational governance.

Audits, Assessments, and Certifications:

    • Lead internal and external audits, including ISO 27001, SOC 2, and healthcare-specific frameworks and certifications such as HIPAA and HITRUST.
    • Serve as the primary liaison with external audit firms and 3PAOs, ensuring successful audit outcomes.

Risk Management and Compliance:

    • Develop and maintain risk assessment processes to identify, mitigate, and monitor risks.
    • Provide guidance on emerging risks, regulatory changes, and industry trends.
    • Maintain compliance with frameworks and regulations including, but not limited to, MARS-E and CJIS data requirements, where applicable.
    • Manage our Third-Party Risk Management (TPRM) program.

Collaboration and Communication:

    • Partner with cross-functional teams, including Security, IT, Infrastructure, Development, Legal, and Operations, to embed compliance into business processes.
    • Provide insights and recommendations to the CISO on regulatory changes and emerging risks.
    • Assess, train, and educate employees on GRC policies, procedures, and best practices.

Technology and Tools:

    • Manage and optimize the use of GRC software to streamline compliance workflows and audits, and make use of a Common Controls Framework.
    • Provide insights into the ongoing monitoring of controls.

What You Need

Experience:

    • Proven track record as a Director (or similar leadership role) in Governance, Risk, and Compliance.
    • Extensive experience in the State and Federal space, with a strong understanding of NIST 800-53, StateRAMP, and FedRAMP requirements.
    • Hands-on experience with MARS-E and CJIS data compliance (preferred).
    • Experience managing third-party risk programs.
    • Experience managing and mentoring teams.

Certifications, Assessments, and Frameworks:

    • Proficiency in managing audits for ISO 27001 and SOC 2.
    • Healthcare compliance experience (HIPAA, HITRUST) is a plus.
    • CISA, CRISC, CISM, ISO 27001 Lead Auditor, HITRUST Certified, and CFE credentials are a plus.

Technical Skills:

    • Expertise in GRC software and compliance tools.
    • Strong knowledge of cloud technologies and their compliance implications.

Soft Skills:

    • Exceptional leadership, presentation, and communication skills, with the ability to influence stakeholders at all levels.
    • Critical thinking, negotiating, and problem-solving skills.
    • Detail-oriented with strong analytical and problem-solving abilities.
    • Demonstrated ability to manage highly complex, high-stakes compliance projects.
    • A sense of humor is a plus.

We offer competitive benefits to set you up for success in and outside of work.

Here’s What We Offer

    • Generous PTO Benefits: Enjoy a PTO benefit accrual of 22 days per year.
    • Parental Leave: Experience one of the industry's best parental leave policies to spend time with your new addition.
    • Rewards & Recognition: Unlock your potential and be rewarded generously with both monetary incentives and widespread recognition for your dedication and outstanding performance.
    • Insurance Benefits: We offer medical, dental, and vision benefits along with 100% company-sponsored short- and long-term disability and basic life insurance. Legal aid and pet insurance options are available at a discounted rate.

Innovaccer is an equal opportunity employer. We celebrate diversity, and we are committed to fostering an inclusive and diverse workplace where all employees, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, or veteran status, feel valued and empowered.

Disclaimer: Innovaccer does not charge fees or require payment from individuals or agencies for securing employment with us. We do not guarantee job spots or engage in any financial transactions related to employment. If you encounter any posts or requests asking for payment or personal information, we strongly advise you to report them immediately to our HR department at px@innovaccer.com. Additionally, please exercise caution and verify the authenticity of any requests before disclosing personal and confidential information, including bank account details.
