Director, Governance, Risk, and Compliance

Overview

Position Overview :

The Director of Governance, Risk, and Compliance (GRC) will be responsible for developing, implementing, and maintaining comprehensive governance, risk management, and compliance programs within the organization. This role will oversee the strategic direction and execution of policies, procedures, and controls to ensure regulatory compliance, mitigate risks, and uphold corporate governance standards.

About Center of Excellence:

Centers of Excellence (COE) are teams whose primary goal is to provide expertise in a specific field. COEs will usually provide support through training, research, and skilled leaders. In the case of HealthEdge , our Centers of Excellence incorporate the Human Resources, IT, Legal and Financial fields, all of which provide support to our Product divisions and allows the enterprise to move forward and achieve its goals.

Your impact :

• Develop and implement governance frameworks, policies, and procedures to ensure alignment with industry regulations, best practices, and organizational objectives .
• Lead risk assessment processes to identify , assess, and prioritize risks across the organization, and develop strategies to mitigate or eliminate them.
• Establish and maintain effective compliance programs to ensure adherence to relevant laws, regulations, and standards, including data privacy, cybersecurity, and industry-specific requirements.
• Monitor regulatory developments and industry trends to anticipate potential risks and compliance requirements and recommend appropriate actions .
• Collaborate with cross-functional teams to integrate governance, risk management, and compliance considerations into business processes, projects, and initiatives.
• Provide guidance and support to senior management and stakeholders on GRC-related matters, including reporting on compliance status, remediation efforts , and key risk indicators such as vulnerability management metrics.
• Conduct regular audits, assessments, and reviews to evaluate the effectiveness of GRC programs and controls and drive continuous improvement efforts.
• Foster a culture of accountability, transparency, and ethical conduct throughout the organization, promoting awareness of GRC responsibilities and expectations.
• Develop and deliver training programs and materials to educate employees on governance, risk management, and compliance requirements, fostering a culture of compliance awareness and understanding.
• Serve as a liaison with external auditors, regulators, and other stakeholders, facilitating audits, inquiries, and inspections, and ensuring timely and accurate responses to requests.
• Drive Business Continuity programming and build processes for continual assurance of efficacy.
• Collaborate with multiple stakeholders to establish and drive evolving and comprehensive best practices for Identity and Access Management.
• Lead and develop a high-performing team of governance, risk, and compliance professionals, providing coaching, mentorship, and opportunities for professional growth and development.
• Foster a culture of innovation and continuous improvement within the team, encouraging creativity, problem-solving, and knowledge sharing to drive operational excellence and efficiency
  
  

What you bring:

• P rofessional certification (e.g., CISA, CISSP, CRISC, CISM, CIA, CRCM) preferred.
• 7 or more years’ experience in governance, risk management, and compliance roles, preferably in a regulated industry or complex organizational environment
• 5 or more years’ ex perience in a leadership role
• In-depth knowledge of relevant laws, regulations, and standards, such as SOC2, HITRUST, HIPPA, etc., and experience interpreting and applying them to business operations.
• Strong analytical skills and attention to detail, with the ability to assess and prioritize risks, identify control deficiencies, and recommend effective solutions.
• Excellent communication, interpersonal, and leadership skills, with the ability to influence and collaborate with stakeholders at all levels of the organization.
• Demonstrated project management experience, with the ability to lead and execute complex initiatives, manage competing priorities, and drive results.
• Sound judgment and integrity, with a commitment to upholding ethical standards and promoting a culture of integrity and compliance.
• Proficiency in GRC tools and technologies, as well as Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) and other relevant software applications.
  
  

HealthEdge commits to building an environment and culture that supports the diverse representation of our teams. We aspire to have an inclusive workplace. We aspire to be a place where all employees have the opportunity to belong, make an impact and deliver excellent software and services to our customers.

Geographic Responsibility: While HealthEdge is located in Burlington, MA you may live anywhere in the US

Type of Employment: Full-time, permanent

Work Environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job:

• The employee is occasionally required to move around the office. Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
• Work across multiple time zones in a hybrid or remote work environment.
• Long periods of time sitting and/or standing in front of a computer using video technology.
• May require travel dependent on company needs.
  
  

The above statements are intended to describe the general nature and level of the job being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required . HealthEdge reserves the right to modify , add, or remove duties and to assign other duties as necessary. In addition, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position in compliance with the Americans with Disabilities Act of 1990. Candidates may be required to go through a pre-employment criminal background check.

HealthEdge is an equal opportunity employer. We are committed to workforce diversity and actively encourage all qualified persons to seek employment with us, including, but not limited to, racial and ethnic minorities, women, veterans and persons with disabilities.