Cybersecurity GRC Manager

Job Location: New Orleans, LA - USA

Monthly Salary: Not Disclosed

Vacancy: 1 Vacancy

Job Description

We've made a lot of progress since opening the doors in 1942, but one thing has never changed - our commitment to serve, heal, lead, educate that every award earned, every record broken and every patient helped is because of the dedicated employees who fill our hallways.

At Ochsner, whether you work with patients every day or support those who do, you are making a difference, and that matters. Come make a difference at Ochsner Health and discover your future today!

We are seeking an experienced and highly motivated GRC Manager to lead our Governance, Risk and Compliance (GRC) function. Reporting directly to the Cybersecurity Director, the GRC Manager will oversee a team of GRC Engineers and be responsible for developing, maintaining and optimizing the organization's information security risk management and compliance frameworks. This role is critical in ensuring regulatory compliance, managing third-party risk and enabling secure business operations.

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential duties.

This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at the company's discretion.

Key Responsibilities:

Team Leadership & Strategy

Lead, mentor and manage a team of GRC Engineers, fostering professional growth and alignment with organizational objectives.

Develop and execute GRC strategies that align with enterprise cybersecurity goals and business priorities.

Establish and monitor key performance indicators (KPIs) and metrics for the GRC function.

Governance & Policy Management

Develop, maintain and enforce cybersecurity policies, standards and procedures in accordance with industry best practices and regulatory requirements (e.g. NIST, ISO 27001, SOC 2, PCI-DSS, HIPAA).

Coordinate with internal stakeholders to ensure policy adherence across the organization.

Risk Management

Own and operate the enterprise risk management process related to information security.

Identify, assess, prioritize and track remediation of cybersecurity risks.

Facilitate risk assessments, control testing and remediation plans.

Compliance & Audit Support

Ensure ongoing compliance with applicable regulations and frameworks.

Prepare for and support internal and external audits, including gathering evidence and coordinating responses.

Maintain documentation and audit logs in support of compliance efforts.

Third-Party Risk Management

Oversee third-party security reviews and risk assessments.

Collaborate with procurement and legal to ensure vendors meet security and compliance requirements.

Training & Awareness

Support security awareness training initiatives in partnership with internal communications and HR teams.

Drive continuous improvement of compliance education across departments.

Qualifications:

Education & Experience:

Bachelor's degree in information security, Computer Science, Business or a related field (Master's preferred).

5-8 years of experience in information security, with at least 2-3 years in a GRC leadership or management role.

Experience managing teams and working cross-functionally with legal, IT, engineering and business stakeholders.

Combination of education and experience acceptable.

Certifications (Preferred):

CISSP, CISM, CRISC, CISA or similar GRC-related certifications.

Skills & Knowledge:

In-depth understanding of security frameworks such as NIST CSF, ISO 27001, SOC 2 and regulatory requirements.

Familiarity with GRC tools and platforms (e.g. Archer, ServiceNow GRC, LogicGate).

Strong project management and communication skills.

Ability to interpret technical and business needs and translate them into risk mitigation actions.

The above statements describe the general nature and level of work only. They are not an exhaustive list of all required responsibilities, duties and skills. Other duties may be added, or this description amended, at any time.

Remains knowledgeable on current federal, state and local laws, accreditation standards or regulatory agency requirements that apply to the assigned area of responsibility and ensures compliance with all such laws, regulations and standards.

This employer maintains and complies with its Compliance & Privacy Program and Standards of Conduct, including the immediate reporting of any known or suspected unethical or questionable behaviors or conduct; patient/employee safety, patient privacy and/or other compliance-related concerns.

The employer is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability status.

Physical and Environmental Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Medium Work - Exerting 20 to 50 pounds of force occasionally and/or 10 to 25 pounds of force frequently and/or greater than negligible up to 10 pounds of force constantly to move objects. (Constantly: activity or condition exists 2/3 or more of the time) to move objects. Physical demand requirements are in excess of those for Sedentary Work. Even though the weight lifted may be only a negligible amount, a job should be rated Light Work: (1) when it requires walking or standing to a significant degree; or (2) when it requires sitting most of the time but entails pushing and/or pulling of arm or leg controls; and/or (3) when the job requires working at a production rate pace entailing the constant pushing and/or pulling of materials even though the weight of those materials is negligible. NOTE: The constant stress and strain of maintaining a production rate pace, especially in an industrial setting, can be and is physically demanding of a worker even though the amount of force exerted is negligible.

Normal routine involves no exposure to blood, body fluid or tissue, and as part of their employment, incumbents are not called upon to perform or assist in emergency care or first aid.

The incumbent has no occupational risk for exposure to communicable diseases.

Because the incumbent works within a healthcare setting, there may be occupational risk for exposure to hazardous medications or hazardous waste within the environment through receipt, transport, storage, preparation, dispensing, administration, cleaning and/or disposal of contaminated waste. The risk level of exposure may increase depending on the essential job duties of the role.

Are you ready to make a difference? Apply Today!

Ochsner Health does not consider an individual an applicant until they have formally applied to the open position on this careers website.

Individuals who reside in and will work from the following areas are not eligible for remote work position: Colorado, California, Hawaii, Illinois, Maryland, Minnesota, New Jersey, New York, Vermont, Washington and Washington D.C.

Ochsner Health endeavors to make our site accessible to all users. If you would like to contact us regarding the accessibility of our website, or if you need an accommodation to complete the application process, please contact our HR Employee Solution Center at (select option 1) or. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Ochsner is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any legally protected class, including protected veterans and individuals with disabilities.


Required Experience:

Manager

Employment Type

Full-Time
