Manager, GRC Risk Management

Job not on LinkedIn

1 hour ago

Apply Now

Receive Emails with Similar Jobs

Datavant

WebsiteLinkedInAll Job Openings

Healthcare Insurance • SaaS • Enterprise

Datavant is a company that provides a platform and network focused on making health data secure, accessible, and usable across the healthcare ecosystem. With a focus on data connectivity and interoperability, Datavant facilitates the movement of healthcare records across a vast network of organizations, including hospitals, clinics, health systems, and data partners. Their suite of products and solutions covers areas such as health data exchange, data transformation, and privacy compliance, serving various clients including health plans, healthcare providers, life sciences, and government organizations. Datavant's mission is to advance human health through improved data exchange and analytics.

201 - 500 employees

Founded 2017

⚕️ Healthcare Insurance

☁️ SaaS

🏢 Enterprise

💰 $40M Series B on 2020-10

📋 Description

• Work remotely from anywhere in the United States • Lead the identification, evaluation, and quantification of information security risks using standardized methodologies • Develop and maintain information security risk register, ensuring consistent classification, ownership, and prioritization • Translate technical risks into business impact metrics that support data-driven decision-making by leadership • Support the definition and refinement of risk appetite, tolerance, and key risk indicators (KRIs) • Manage end-to-end remediation lifecycle for audit findings, risk exceptions, and control gaps • Partner with control owners and system teams to document, track, and validate remediation progress • Develop dashboards and reports to visualize remediation status and risk trends • Facilitate risk acceptance and exception processes, ensuring appropriate business justification and executive visibility • Partner with technical and compliance teams to develop and implement AI governance controls and risk assessments • Track AI-related regulatory developments and support readiness for future standards (e.g., EU AI Act, NIST AI RMF) • Provide expert support for compliance activities related to HITRUST, HIPAA, ISO 27001, PCI, SOC 2, FedRAMP and other relevant frameworks, ensuring adherence to industry standards and regulations

🎯 Requirements

• A minimum of 6 years in security risk management including risk assessment and remediation • Minimum 1 year of direct people management experience leading remote teams • Proven track record of program management, including building and scaling cross-functional security initiatives • Proven experience in performing technical risk assessments and documentation of key controls and security processes, with a solid understanding of IT processes and industry best practices • Strong analytical and problem-solving abilities, with a keen attention to detail and the capacity to manage multiple priorities in a fast-paced environment • Excellent communication and interpersonal skills, capable of effectively engaging with cross-functional teams and stakeholders across all levels of leadership • Ability to operate effectively in ambiguous situations, demonstrating flexibility and resilience

🏖️ Benefits

• We are proud to be an Equal Employment Opportunity employer • Health screenings and vaccination requirements may apply