Similar Jobs
See allSr. Legal Risk Manager
Privia Health
NIST
HITRUST
SOX
Senior Manager, Security Risk Management
Affirm
Canada
NIST
ISO
GRC
Security GRC Analyst
Hims & Hers
US
GRC
Risk Management
Audit
Senior Specialist, Information Security, Third Party Risk
Planned Parenthood Federation of America
US
Cybersecurity
Risk Management
HIPAA
Cybersecurity Analyst, IT GRC
Aprio
US
GRC
Risk Management
Security
Governance & Security Risk Strategy:
- Define and evolve the security governance and risk management strategy, aligning function-level priorities with enterprise objectives.
- Establish a risk-driven approach to governance aligned with HIPAA Security and Privacy Rules and NIST Cybersecurity Framework.
- Anticipate security and regulatory risks 12+ months out, using business, product, regulatory, and market signals to inform strategy.
Compliance & Regulatory Leadership:
- Own Clover Health’s security compliance posture as a public healthcare company, including federal and state regulatory obligations.
- Lead security-related audits, assessments, and regulatory inquiries in partnership with Legal, Compliance, Privacy, and Internal Audit.
- Drive clarity, consistency, and maturity in security policies, standards, and procedures.
Third-Party Risk Management:
- Lead Clover Health’s third-party security risk management program end-to-end.
- Oversee vendor due diligence, risk assessments, remediation tracking, and ongoing monitoring.
- Manage and hold accountable a third-party GRC services vendor, ensuring delivery quality, prioritization, and alignment to Clover’s risk appetite.
Clover Health
Clover Health is reinventing health insurance by combining data with human empathy to keep members healthier. They've created custom software and analytics to empower their clinical staff to intervene and provide personalized care. Those who work at Clover are passionate and mission-driven individuals with diverse areas of expertise, working together to solve the most complicated problem in the world: healthcare.