This role leads and scales the enterprise GRC program, reporting to the Chief Information Security Officer (CISO). You will be responsible for building out a cohesive framework for risk management, compliance, and certifications while ensuring that security, privacy, and governance practices align with regulatory, contractual, and audit expectations. As the Director, you will manage a growing team and own Aledade's risk program, GRC platforms (including Vanta), and policy framework. You will be accountable for driving compliance certifications, partnering across Security, IT, Product, and Legal to ensure evidence is ready for external audits, and ensuring governance enables both innovation and protection of sensitive patient data.