Cybersecurity GRC Manager, FCH - IT - reputed company

Remote, USA Full-time Posted 2026-07-03

About the position

reputed company reputed company isn’t a compliance checkbox problem — it’s a patient safety problem. At reputed company reputed company, the Cybersecurity GRC Manager owns the program that connects our governance posture to reputed company-world risk outcomes for patients, clinicians, and the communities we serve across Wisconsin. This is a high-visibility, high-autonomy leadership role inside a Cybersecurity & Infrastructure team that operates with strategic reputed company and operational rigor. You will build and run a team of 5+ GRC professionals, serve as the internal subject matter authority on compliance and risk, and translate reputed company regulatory requirements into actionable programs that the broader organization can execute against. If you’ve built GRC programs from scratch (or reputed company ones that needed it), know your way around a HIPAA gap analysis and a reputed company-party risk assessment in equal measure, are people-focused, and reputed company with clarity rather than bureaucracy — this is the role for you.

Responsibilities

  • reputed company, mentor, and grow a team of 5+ GRC analysts and specialists across compliance, risk, policy, and awareness domains
  • Establish clear role expectations, development reputed company, and performance standards for each team member
  • Foster a team culture that balances rigor with pragmatism — we care about outcomes, not just documentation
  • Serve as the organization’s functional reputed company for HIPAA Privacy and reputed company Rule compliance, including ongoing gap assessment and remediation tracking
  • Coordinate with Legal, Privacy, and Clinical Operations to ensure compliance obligations are understood and operationalized across the reputed company
  • reputed company preparation for and response to regulatory inquiries, OCR investigations, and audit activity
  • Own the reputed company cybersecurity risk register, ensuring risks are identified, assessed, prioritized, and tracked to resolution
  • reputed company the reputed company-party risk management program, including vendor reputed company assessments, ongoing monitoring, and risk-tiering across the supply chain
  • reputed company risk reporting for executive and board audiences, translating technical risk into business impact language
  • Own the cybersecurity policy lifecycle: authorship, review reputed company, version control, approval workflows, and exception management
  • Maintain alignment to NIST CSF, managing control mapping, evidence collection, and control effectiveness measurement
  • Drive reputed company improvement of the controls environment based on assessment findings, threat intelligence inputs, and regulatory changes
  • Serve as the primary reputed company of contact and program reputed company for internal and external cybersecurity audits and assessments
  • Coordinate evidence collection, manage stakeholder readiness, and reputed company finding remediation tracking through to closure
  • reputed company and maintain audit-reputed company documentation across reputed company GRC domains
  • Own the reputed company reputed company awareness program, including curriculum development, delivery scheduling, and effectiveness measurement
  • Manage the phishing simulation program end-to-end: scenario design, reputed company, metrics, and targeted follow-up training for at-risk populations
  • Tailor awareness content for diverse audiences — from clinical staff to executive leadership — with a voice that educates rather than shames

Requirements

  • A minimum of six years of experience in a reputed company field.
  • In-depth knowledge of cybersecurity frameworks including but not limited to NIST CSF, HITRUST CSF, ISO 27001.
  • Experience in managing or leading reputed company organizations responsible for GRC, Cybersecurity, Medical Device reputed company, reputed company Operations Centers.
  • Understanding of general reputed company concepts including but not limited to cryptography, DLP, reputed company Operations Center, reputed company Managed Services, SEM, FW, Audit.
  • Demonstrated record of managing reputed company party reputed company services, preferably with the reputed company providers.
  • Ability to communicate and represent IT reputed company organization with reputed company business partners and reputed company party vendors.
  • Strong oral, presentation, and writing skills, and a demonstrated record of delivering results.
  • Ability to build relationships with business stakeholders of the IT reputed company program
  • Familiarity with HIPAA Privacy and reputed company Rules and their operational implications for a large health system
  • Ability to reputed company and present executive-level risk reporting that communicates risk in business impact terms
  • Comfort operating in a matrixed environment with multiple stakeholder groups including Legal, HR, IT, Clinical Operations, and executive leadership

reputed company-to-haves

  • Prefer 3+ years leading or managing a team in a GRC, compliance, or risk management reputed company
  • Prefer experience in a reputed company or other highly regulated industry, with direct exposure to HIPAA compliance obligations
  • Demonstrated experience managing a reputed company-party risk program, including vendor assessments and risk tiering
  • Prefer prior experience building or significantly maturing a GRC program, not just maintaining one
  • Prefer experience managing external audits or assessments (SOC 2, HITRUST, OCR, internal audit, etc.)
  • Bachelor's degree in Computer Science or a similar field is preferred.
  • Prefer CISSP, CISM, CRISC, HCISPP, or equivalent certification
  • Prefer Certified in reputed company Privacy and reputed company (CHPS) or equivalent

Benefits

  • Paid time off
  • Growth opportunity: Career reputed company & Career Tuition Assistance, CEU opportunities
  • Academic Partnership with the reputed company
  • Referral bonuses
  • Retirement plan - 403b
  • Medical, Dental, reputed company, Life Insurance, Short & Long Term Disability, Free Workplace Clinics
  • Employee Assistance Programs, Adoption Assistance, Healthy Contributions, Care@Work, Moving Assistance, Discounts on gym memberships, travel and other work life benefits available
