Senior Manager, Governance, Risk & Security Compliance

Job Description:

• Develop, implement, and maintain effective governance frameworks and policies to ensure organizational alignment with industry best practices and applicable regulatory compliance.
• Own the IT Policy, Standards and Compliance framework to ensure they are relevant, up to date, and enforced through the collaboration with senior leadership across the organization.
• Develop and refine risk mitigation strategies and action plans to safeguard the organization against potential threats; provide clear and concise directives to perform a mitigation or compensating change in the environment.
• Protect business applications in compliance with privacy, security, resiliency and data privacy through partnership with vendor, business, and IT stakeholders and leaders.
• Own Security compliance projects / initiatives that eliminate or manage exposure to the identified risk.
• Collaborate with compliance leaders to stay abreast of evolving healthcare regulations, standards, and federal/state laws.
• Analyze and propose resources for projects or initiatives.
• Communicate and collaborate with executives, managers, stakeholders, and contractors.
• Collaborate with internal teams to ensure the secure development, deployment, and maintenance of internally developed healthcare applications.
• Ensure there are security assessments and audits of applications, identifying vulnerabilities and oversee remediation efforts.
• Provide day-to-day leadership, coaching, and development for the GRC, Technology, and security compliance team, ensuring team members have clear direction, actionable feedback, and the support needed to grow technical and leadership capabilities.
• Set performance expectations, establish accountability, and guide the team through complex technical, compliance, and risk-mitigation work, ensuring high-quality execution and alignment with organizational priorities.
• Foster a strong team culture centered on collaboration, transparency, and continuous improvement, proactively removing barriers, encouraging knowledge-sharing, and motivating the team to deliver consistent, high-impact results.
• Coach and support Team Members through complex and high-impact situations, helping them build confidence, clarity, and sound decision-making
• Work with consultants and lead projects with contractors when needed.
• Provide input in strategic technical decisions and solutions to senior leadership.
• Manage time effectively and ensure timely communications with stakeholders, leaders and team members in communication channels.
• Focus on process improvement and process documentation efforts, reviewing staff and leader feedback for enhancements and changes.
• Identify and provide solutions to operational issues to improve data and privacy protection.
• Evaluate new regulatory statutes and determine its applicability and timing for implementation.
• Understand and articulate the key technical and operational challenges to mitigate a threat.
• Act as a Security compliance escalation point within the Cybersecurity team.
• Provide compliance consultation, training, and support to leaders and Team Members.

Requirements:

• Bachelor’s Degree or equivalent experience
• CISSP certification
• CISM/CRISC/CISA certifications
• 8+ years IT/technical experience including cloud experience
• 7+ years of people leadership experience
• 5+ years of IT security and compliance experience
• Bachelors degree in information security, technical management, or business administration preferred
• 7+ years of IT security, technology, compliance experience is preferred
• Microsoft 365 Certified Security Administrator Associate

Benefits:

• Collaboration: Takes ownership for collectively establishing productive partnerships and relationships and seek to gain joint understanding of priorities and objectives so that the greater good of the organization and those we serve is always at the forefront.
• Innovation: Consistently uses good judgment, applying creativity to overcome obstacles and increasing effectiveness and efficiency through process and other forms of innovation.
• Diversity & Inclusion: Fosters diversity and inclusion, to be able to better understand team members, our customers and partners. Engages the strengths and talents of each GoHealth team member, creating an environment of involvement, respect and connection where the richness of ideas, backgrounds and perspectives are harnessed.
• Courage & Integrity: Models and practices the highest ethical and professional standards; demonstrates pride and personal interest in our patients, partners and fellow team members, deeply engaging in the business. Makes decisions, with a focus on doing the right thing; treats team members, our customers, partners and vendors with dignity, consideration, open-mindedness and respect.
• Accountability: Always shows initiative, demonstrates a bias to action and gets things done. Actively accepts responsibility for diverse roles, obligations and actions that positively influence patient and customer outcomes, our partnerships and the healthcare needs of our communities.

Apply tot his job Apply To this Job