PitchMeAI
Ladders

Director, Governance, Risk, and Compliance (GRC)

Ladders · United States

  • Hybrid
  • Full-time
  • $230,000 / year
  • United States

Job highlights

  • Lead GRC strategy in a healthcare leader.
  • Manage security compliance and risk programs.
  • Oversee audits, incident response, and BCP.
  • Requires 8+ years in regulated environments.
  • Remote role with competitive compensation.

About the role

Director, Governance, Risk, And Compliance (GRC)

For our client, we are seeking a Director, Governance, Risk, And Compliance (GRC) to join the team of a leader in the Healthcare space. This role will drive meaningful impact across key initiatives and partner cross-functionally to deliver measurable outcomes. You will work closely with stakeholders to execute against strategic priorities and scale performance. The position offers the opportunity to influence both strategy and execution in a high-growth environment.

Location: Remote - US based candidates only, no visa sponsorship available

Compensation: $212,000 – $230,000 annually

Responsibilities

  • Define and evolve the company’s security governance and risk management strategy.
  • Own the company’s security compliance posture, including federal and state regulations.
  • Lead security audits and regulatory inquiries in collaboration with other teams.
  • Ensure accountability for GRC outcomes across internal partners and vendors.
  • Manage the company’s third-party risk management program from start to finish.
  • Coordinate governance for incident response, crisis management, and business continuity efforts.
  • Influence and build partnerships across various departments to address security and compliance issues.

Qualifications

  • 8+ years of experience in information security or related disciplines.
  • Extensive experience leading governance and compliance programs in regulated environments.
  • Strong knowledge of HIPAA and healthcare security requirements.
  • Experience in a public company or similarly regulated environment.
  • Proven vendor management experience with third-party GRC service providers.
  • Hands-on skills in incident response and crisis management.
  • Exceptional communication and stakeholder management skills.

Benefits

  • Comprehensive medical, dental, and vision coverage.
  • 401k matching and performance-based bonus program.
  • Remote-first culture supporting flexibility and work-life balance.
  • Professional development funding and mentorship programs.
  • Employee Stock Purchase Plan (ESPP) and office setup reimbursement.

Our client is an equal opportunity employer. We encourage you to apply even if you don’t meet every qualification—your background could be exactly what this team needs.

Key skills/competency

  • Governance Risk Compliance (GRC)
  • Information Security
  • Risk Management
  • Compliance
  • HIPAA
  • Healthcare Security
  • Regulatory Compliance
  • Incident Response
  • Business Continuity
  • Stakeholder Management

Skills & topics

  • Director
  • Governance
  • Risk
  • Compliance
  • GRC
  • Healthcare
  • Information Security
  • Security Compliance
  • Risk Management
  • HIPAA
  • Remote
  • Director of GRC
  • Security Audits
  • Third-Party Risk Management
  • Incident Response

How to get hired

  • Tailor your resume: Highlight experience in information security, GRC, and regulated healthcare environments, emphasizing HIPAA and compliance.
  • Showcase leadership: Detail your experience leading governance, risk, and compliance programs, including managing audits and vendor relationships.
  • Demonstrate communication skills: Prepare examples of how you've effectively managed stakeholders and influenced cross-functional teams.
  • Understand the company: Research the client's healthcare focus, their commitment to security, and their remote-first culture to align your application.
  • Prepare for interviews: Be ready to discuss strategic GRC initiatives, incident response scenarios, and your approach to compliance in a high-growth setting.

Technical preparation

Master HIPAA and healthcare security regulations.,Develop expertise in GRC frameworks.,Practice incident response and BCP planning.,Understand public company compliance requirements.

Behavioral questions

Describe leading a security audit.,How do you manage vendor risk?,Share an incident response success story.,How do you influence cross-functional teams?

Frequently asked questions

What are the key responsibilities for a Director of Governance Risk and Compliance at this healthcare company?
The Director of Governance Risk and Compliance will define security governance and risk strategy, manage compliance posture (including HIPAA and state/federal regulations), lead security audits and inquiries, oversee third-party risk management, and coordinate incident response, crisis management, and business continuity efforts. This role also involves building partnerships across departments to address security and compliance challenges.
What qualifications are essential for the Director of Governance Risk and Compliance role?
Candidates need 8+ years of experience in information security or related fields, with extensive experience leading GRC programs in regulated environments. Strong knowledge of HIPAA and healthcare security is crucial, as is experience in a public or similarly regulated company. Excellent communication and stakeholder management skills, alongside hands-on incident response experience, are also required.
Is this Director of GRC position remote and are there location restrictions?
Yes, this is a remote position. However, only US-based candidates are being considered for this role. Additionally, visa sponsorship is not available for this position.
What is the salary range for the Director of Governance Risk and Compliance position?
The annual compensation for this role is between $212,000 and $230,000, reflecting the seniority and responsibilities of the position.
What kind of benefits are offered to the Director of Governance Risk and Compliance?
The company offers comprehensive medical, dental, and vision coverage, 401k matching, a performance-based bonus program, professional development funding, mentorship, an Employee Stock Purchase Plan (ESPP), and office setup reimbursement. The role also benefits from a remote-first culture.
How important is experience with HIPAA and healthcare security for this role?
Experience with HIPAA and healthcare security requirements is a strong qualification, as the client is a leader in the healthcare space. A deep understanding of these regulations is crucial for managing the company's security compliance posture effectively.
Does this Director of Governance Risk and Compliance role require experience with third-party risk management?
Yes, proven vendor management experience with third-party GRC service providers is a required qualification. The Director will be responsible for managing the company's third-party risk management program from start to finish.
What kind of collaboration is expected for the Director of Governance Risk and Compliance?
This role requires significant cross-functional partnership. You will collaborate with various departments to address security and compliance issues, lead security audits and regulatory inquiries in conjunction with other teams, and ensure accountability for GRC outcomes across internal partners and vendors.