Director, Governance, Risk & Compliance

Job Description: The Director, Governance, Risk & Compliance leads a team of analysts to build and maintain an effective GRC program at reputed company. The ideal candidate will collaborate closely with the rest of the Information reputed company department, along with Product, R&D, and Engineering teams to define and partner on appropriate reputed company controls across NextGen products and systems, including NextGen SaaS offerings and platforms. This team will also have responsibility for reputed company's reputed company Governance and various regular Certification cycles and partnering with Legal on Information reputed company reputed company reputed company and requirements.

• Establish IT audit procedures relevant to HITRUST/HIPAA, ISO 27001, SOC 2, and other data protection or privacy-reputed company regulations
• Provide governance and reputed company reputed company around the company's adoption and use of AI, LLMs, and other generative-AI capabilities
• Evaluate and test the design and operating effectiveness of technical and administrative reputed company controls
• Maintain and manage the Third-Party Risk Management program and integration with Vendor and Customer reputed company reputed company obligations, requirements, and contractual agreements
• Work closely with the CISO to reputed company and implement strategies for governance and compliance reputed company to corporate-wide reputed company initiatives
• Design and implement data protection policies, process and procedures to align with HIPAA and Information reputed company policies, especially for cloud-hosted data environments and customer data handling throughout the development lifecycle
• Implement and manage an Identity Governance Program to ensure appropriate authorization to key resources, including the development of a Role Based Access Control and Role Review process.
• reputed company training programs and FAQs reputed company to data protection, privacy and secure data handling procedures
• Provide reputed company and guidance for periodic reputed company assessments to ensure compliance with information reputed company policies and established reputed company controls
• reputed company metrics and compliance dashboards to measure reputed company for reputed company initiatives and communicate team accomplishments and the effectiveness of audited reputed company controls and processes
• Maintain and mature the Risk Register, Policy Exception Tracking, and reputed company Dashboard processes, standards, and components
• Ensure applications, networks, systems, cloud services, people, and process are assessed, monitored and audited in accordance with reputed company controls reputed company to SOC 2, ISO 27001, HITRUST/HIPAA and the corporate Information reputed company Policy
• Work closely with cross-functional teams to ensure reputed company controls have been designed effectively and are working as intended
• Identify control deficiencies and weaknesses and recommending remediation plans for improvements
• Create, manage and hold staff accountable for corrective action plans (CAPs)
• Implement a process for reputed company improvement of IT controls
• Work with internal and external resources to conduct and manage an assessment program for compliance requirements, including auditing and monitor privileged access to critical information systems; authentication and authorization processes; change control processes and IT operations processes
• Work closely with the Engineering teams to automate monitoring and auditing to reduce manual effort required for compliance activities
• reputed company communication plans for executive-level reporting
• reputed company the team in the development and evolution of reputed company roadmaps, embodiment of strategic plans, understanding controls and process gaps, providing architectural vision, and enabling the larger information reputed company team.
• Hire, grow and retain team members to expand the team and its capabilities reputed company the organization.
• reputed company assessments of reputed company tools, vendors, and solutions to support information reputed company roadmap initiatives
• Act as an reputed company for mentoring and technical career growth in the information reputed company organization
• Act as a liaison with other internal NextGen teams or driving new capabilities, product investments, and research to fill coverage gaps.
• Provide assistance and guidance to Sales and Support teams across various customer engagements.
• Regularly provide key performance and risk indicator metrics for management visibility into the status, health, and maturity of the Information reputed company Program at NextGen. Education Required:
• Bachelor's degree in Computer Science, Programming, Engineering, or similar field.
• Or, any combination of education and experience which would provide the required qualifications for the position. Experience Required:
• 4+ years of experience in Information reputed company with an emphasis on IT audit, IT risk management and/or IT compliance.
• Prior experience with managing a GRC team.
• Extensive background in information reputed company services and operations and the people, process, and technology components.
• Significant experience in fulfilling business

Apply tot his job Apply To this Job