IT Security GRC Sr Specialist

@ Children's Health

Overview

The IT Security GRC Sr Specialist at Children's Health is crucial in ensuring adherence to healthcare regulations, mitigating risks, and maintaining a robust compliance program. The role focuses on governance, risk management, and compliance aligned with standards such as HIPAA, HITECH, NIST CSF, HITRUST, and ISO 27001. This position also provides mentorship to junior team members.

Responsibilities

• Governance: Develop, maintain, and enforce healthcare policies and procedures; implement governance frameworks.
• Risk Management: Conduct risk assessments, maintain risk registers, and support incident response planning.
• Compliance: Monitor adherence to HIPAA, HITECH, CMS guidelines, and state laws; assist with audits and vendor risk assessments.
• Reporting: Prepare reports, dashboards, and KPIs for leadership.
• Collaboration & Training: Work with IT, Legal, and Operations; conduct training and awareness sessions; act as a liaison for external audits.

Work Experience & Education

Minimum 3 years’ experience in GRC roles within healthcare is required. A four-year degree in Healthcare Administration, Information Security, Risk Management or equivalent is expected. Advanced degrees or certifications such as CHC, CISA, CCSFP, CISSP are a plus.

Benefits & Culture

Children's Health offers holistic benefits including medical plan premium support, savings plan match, parental leave, and caregiver/adoption benefits. The organization values diversity, cultural sensitivity, and professional growth.

Key Skills/Competency

• Governance
• Risk Assessment
• Compliance
• HIPAA
• NIST CSF
• Healthcare Regulations
• Incident Response
• Reporting
• Mentorship
• Policy Development