Governance, Risk, and Compliance Manager

Rosemont, IL
Enterprise IT
Full-Time
Are you looking to make a difference in healthcare? Intelligent Medical Objects (IMO) is changing the future of healthcare. We are the team behind medical terminology solutions that improve history accuracy and completeness, reimbursement rates and more for over 80% of US clinicians, including inside of roughly 100 EMRs.


The Governance, Risk, and Compliance (GRC) Manager will provide highly skilled technical and regulatory compliance expertise for the development and implementation of the information security risk management program at IMO. This individual will lead cross-functional teams and manage enterprise-wide projects to ensure that IMO complies with all relevant infosec and industry-specific guidelines. The GRC Manager will also ensure effective system-wide security analysis, including intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards, and guidelines.

This candidate will partner with leaders across the organization to ensure processes and procedures comply with relevant standards including but not limited to HIPAA, PCI, SOC2, SOX, and more. The GRC Manager will also manage a small team to meet audit, assessment, and compliance deadlines. If you want to join an exciting, growing team at IMO and immediately impact our team, apply today!
Responsibilities
  • Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored. 
  • Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security. 
  • Execute the strategy for handling an increasing number of audits, compliance checks, and external assessment processes for internal/external auditors, SOC2, and HIPAA.
  • Work with Information Security, Enterprise IT, and cross-department functions, leading and managing external consultants as appropriate, on required security assessments and audits.
  • Coordinate and track all information technology and security-related audits, including scope of audits, timelines, auditing agencies, and outcomes.
  • Must be able to assess computer hardware, software, and systems for security risks or violations and work with Enterprise IT and IMO staff and technology vendors to recommend solutions. 
Requirements
  • 8+ years of experience with Risk Management practice, policy, and procedure in the Information Technology field.
  • Knowledge of information security risk management frameworks and compliance practices. 
  • Knowledge of securing network technologies and client and server operating systems.
  • Ability to develop security standards and guidelines based on best practices and industry standards.
  • Understanding of common security standards and regulations (e.g., SOC2, HIPAA).
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience.

At IMO, we celebrate diversity and are committed to creating an inclusive environment for all employees. IMO is proud to be an equal opportunity workplace and is an affirmative action employer.