Security Risk, PM

Summary

Join Grow Therapy's growing Security team as an experienced Security Risk, PM to build and own the company's Security compliance and risk management program.

Requirements

• A minimum of 7 years of experience in information security risk management, including risk assessment and treatment, risk metrics and trend analysis
• Experience building and implementing Third Party Security Risk Assessment (TPSRA) programs
• Strong knowledge of healthcare security and data privacy standards and regulations such as HIPAA, HITRUST, GDPR, CCPA, etc
• Strong analytical and problem-solving skills
• Strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams
• Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly
• Knowledge of how to use data to influence program strategy and tell compelling stories about organizational effectiveness and impact

Responsibilities

• Develop, implement, mature, and champion risk management processes and concepts
• Deploy the risk management framework, processes, and tools to conduct risk assessments effectively and consistently
• Conduct third-party risk assessments and security reviews of third-party vendors/suppliers
• Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements
• Conduct risk assessments of business units, critical processes and information assets
• Partner with Legal and Compliance to prepare Grow for external audits and certifications (e.g HIPAA, SOC 2)
• Manage our security risk posture and define and report key risk metrics to management on a regular basis

Benefits

• Comprehensive health insurance plans, including dental and vision
• Flexible working hours and location (remote OR in-office, your choice!)
• Flexible Time Off
• Company-wide winter break
• Mental health mornings (2 hours each week)
• Team meditation
• Wellness Stipend
• In-office lunch and biweekly remote lunch on us!
• Continuous learning opportunities