Senior Manager, Governance, Risk, and Compliance (GRC) - Remote

Overview

The Senior Manager, Governance, Risk, and Compliance (GRC) will design, implement, and scale a modern GRC capability that collaborates closely with Quality + Compliance, IT, Legal, People Ops, and Product + Engineering teams.

In Short

• Drive the operation of the cross functional GRC Committee.
• Establish and maintain governance frameworks aligned with NIST CSF 2.0, ISO 27001/27701, and SOC 2.
• Build and manage the enterprise cyber/IT risk register.
• Own external certification readiness (SOC 2, ISO, HIPAA, GDPR).
• Oversee governance of DLP, IAM, and other security controls.
• Lead the deployment of a GRC platform to automate vendor risk and audits.
• Manage and mentor a team of GRC and Technical analysts.
• Collaborate with Regulatory & Quality to align IT/cyber controls.
• Build executive dashboards and metrics tied to business impact.
• Other duties as assigned.

Requirements

• Bachelor’s degree or equivalent work experience preferred.
• 5+ years in cybersecurity, GRC, compliance, or risk management roles preferred.
• Demonstrated experience running audit/certification cycles.
• Experience standing up or maturing a GRC function in a SaaS context.
• Relevant certifications (CISA, CRISC, CISSP) preferred.

Benefits

• Accelerate your skills and career within a fast-growing company.
• Impact the future of healthcare.
• Inclusive culture valuing diversity.
• Opportunities to learn, grow, and continuously improve.
• Equal opportunity employer that values diversity.