Duluth, MN, USA
4 days ago
Governance, Risk, and Compliance Manager
Building Location: Peerless Building

Department: 47530 Information Security

Job Description: The Governance, Risk, and Compliance (GRC) Manager is responsible for overseeing all areas of governance, risk, and compliance within the organization. This role involves managing the day-to-day responsibilities of GRC analysts, overseeing third-party risk management, vulnerability management, regulatory compliance, organizational security awareness, and policy development. The GRC Manager ensures that the organization adheres to legal standards and internal policies, and that risk management strategies are effectively implemented.

Education Qualifications:

Key Responsibilities:

Team Management: Lead and manage a team of GRC analysts, providing guidance, mentorship, and performance evaluations to ensure effective execution of GRC initiatives.

Third-Party Risk Management Oversight: Oversee the assessment and monitoring of third-party vendors and partners to ensure they meet the organization's risk and compliance standards.

Vulnerability Management: Coordinate with IT and security operations teams to identify, assess, and remediate vulnerabilities within the organization's systems and infrastructure.

Regulatory Compliance: Ensure adherence to all relevant laws, regulations, and industry standards by implementing compliance programs and monitoring ongoing compliance efforts.

Organizational Security Awareness: Develop and implement security awareness programs to educate employees on security policies, procedures, and best practices.

Policy Development and Implementation: Create, update, and communicate governance, risk, and compliance policies and procedures across the organization.

Risk Assessment and Mitigation: Conduct regular risk assessments, identify potential risks, and work with partners to develop mitigation strategies to reduce impact on the organization.

Audit Coordination: Prepare for and coordinate internal and external audits, ensuring all necessary documentation is available and that audit findings are addressed promptly.

Reporting and Documentation: Maintain accurate records of GRC activities and prepare reports for senior management on the status of governance, risk, and compliance efforts.

Cross-Functional Collaboration: Work closely with other departments, such as Legal, IT, and Operations, to integrate GRC objectives and ensure a unified approach to risk management and compliance.

Education Requirements:

Bachelor's degree in Information Security, Information Technology, Compliance, or a related field (or equivalent experience)

Required Qualifications:

Minimum of 5 years of experience in governance, risk management, and compliance roles, with at least 2 years in a managerial or leading position

Strong knowledge of regulatory requirements and industry standards relevant to the organization (e.g., HIPAA, NIST, PCI-DSS)

Experience with third-party risk management and vulnerability management processes

Excellent leadership and team management skills

Strong analytical and problem-solving abilities

Exceptional communication and interpersonal skills

Proficiency in GRC tools and software applications

Preferred Qualifications:

Healthcare IT Experience: Experience working in the healthcare sector, with a deep understanding of HIPAA compliance, electronic health record (EHR) systems, and the specific governance and compliance challenges in healthcare environments

Experience in developing and delivering organizational security awareness programs

Proven track record in policy development and implementation

Relevant certifications such as CISA, CRISC, CISM, or CISSP are preferred

Licensure/Certification Qualifications:

FTE: 1

Possible Remote/Hybrid Option:

Remote

Shift Rotation: Day Rotation (United States of America)

Shift Start Time: Flexible

Shift End Time: Flexible

Weekends:

Holidays: No

Call Obligation: Yes

Union:

Union Posting Deadline:

Compensation Range:

$122,657.60 - $183,996.80

Employee Benefits at Essentia Health*:

Health Coverage: Medical, dental, vision, life and disability insurance, plus supplemental health benefit options to ensure employees' well-being.

Retirement Savings Plans: 401(k) with employer contributions to support long-term financial security.

Professional Development: Opportunities for career growth through training, tuition reimbursement, and educational programs.

Work-Life Balance: Flexible scheduling, time off, holidays, and personal leave to help employees manage their professional and personal lives.

Employee Wellness Programs: Initiatives focused on physical, mental, and emotional health, including fitness memberships, counseling services, and wellness activities.

*Eligibility for Essentia Health’s benefit programs varies. Please refer to the benefit summary provided to you, or contact our HR Service Center at (218) 576-0000 for more information.
