Director, Governance, Risk, and Compliance (GRC)

2 hours, 28 minutes ago
Full-time
Lead
Cybersecurity
Clover Health

Clover Health is a data-focused health insurance company that is revolutionizing the Medicare Advantage space by integrating innovative technology into its plans. With a focus on optimizing medical outcomes and reducing costs, Clover Health uses analyt...

Insurance
251-1K
Founded 2014
$925M raised

Description

  • Define and evolve Clover Health’s security governance and risk management strategy aligned with enterprise objectives and the security roadmap.
  • Establish a risk-driven governance approach aligned with HIPAA, the NIST Cybersecurity Framework v2, and the NIST AI Risk Management Framework where applicable.
  • Anticipate security and regulatory risks 12+ months ahead using business, product, regulatory, and market signals.
  • Own Clover Health’s security compliance posture, including federal and state regulatory obligations.
  • Lead security-related audits, assessments, and regulatory inquiries in partnership with Legal, Compliance, Privacy, and Internal Audit.
  • Drive clarity, consistency, and maturity in security policies, standards, and procedures.
  • Lead the third-party security risk management program, including vendor due diligence, risk assessments, remediation tracking, and monitoring.
  • Manage a third-party GRC services vendor and ensure delivery quality, prioritization, and alignment to Clover’s risk appetite.
  • Lead governance and coordination for incident response, crisis management, disaster recovery, and business continuity.
  • Coordinate cross-functional problem solving on complex security and compliance issues and build durable partnerships across business functions.

Requirements

  • 8+ years of experience in information security, GRC, risk management, or related disciplines.
  • Demonstrated experience leading security governance and compliance programs in regulated environments.
  • Strong working knowledge of HIPAA and healthcare security requirements.
  • Experience operating in a public company or similarly regulated environment.
  • Proven experience managing third-party vendors providing GRC services or staff augmentation.
  • Hands-on experience with incident response governance, crisis management, disaster recovery, and business continuity.
  • Strong business acumen with the ability to translate security and compliance risks into business impact.
  • Excellent executive-level communication and stakeholder management skills.
  • Familiarity with NIST CSF v2 and NIST AI RMF is preferred.
  • Relevant certifications such as CISM, CRISC, or similar are a plus.

Benefits

  • Competitive base salary of $212,000 to $230,000 USD.
  • Equity opportunities, including an Employee Stock Purchase Plan with discounted equity.
  • Performance-based bonus program and 401(k) matching.
  • Comprehensive medical, dental, and vision coverage.
  • Remote-first culture with collaboration and flexibility.
  • Generous flexible time-off policy, plus No-Meeting Fridays and monthly company holidays.
  • Mental health resources and professional development funding, mentorship, and learning programs.
  • Paid parental leave and reimbursement for office setup expenses, plus a monthly cell phone and internet stipend.
