Associate Director, Regulatory Risk, Compliance & Accreditation

5 hours, 50 minutes ago
Full-time
Senior
Cybersecurity
Planned Parenthood

Planned Parenthood

Planned Parenthood is a trusted provider of sexual and reproductive health care, delivering vital services and information to millions worldwide.

Health Care Providers & Services
251-1K
Founded 1916
$275M raised

Description

  • Serve as the Information Security & Technology Program expert and accreditor for the PPFA Accreditation & Certification Program.
  • Evaluate security and technology systems, controls, and policies for affiliate and ancillary organizations.
  • Conduct accreditation and certification interviews, risk assessments, and technical analyses to identify risk and non-compliance.
  • Review documentation, third-party assessments, and audit samples to identify discrepancies and required corrective actions.
  • Execute accreditation activities, including attestation review and technical security control analysis and testing.
  • Escalate high- or critical-risk findings and support remediation and stakeholder notification.
  • Write reports and presentations that interpret assessment results, findings, and risk outcomes.
  • Track corrective actions, assessment results, accreditation requirements, and PCI DSS compliance activities.
  • Lead PCI DSS compliance efforts across payment flows, including annual self-assessments, AOC finalization, and vulnerability scanning support.
  • Support and educate affiliates, national office staff, and third-party vendors on PCI DSS, risk, and compliance requirements.
  • Review and update internal PCI DSS training content, policies, and procedures as needed.
  • Support the Third Party Risk Management program and other assigned duties as needed.

Requirements

  • Bachelor’s degree and 5+ years of industry experience.
  • At least 2 years of experience in governance, risk, and compliance (GRC), auditing, accreditation, or IT/security control assessment or implementation.
  • Experience with compliance requirements and industry standards such as HIPAA Security, PCI DSS, NIST, and CIS.
  • Understanding of information security, risk, and compliance principles.
  • Deep understanding of IT and information security environments and administration.
  • Strong written and verbal communication skills, including technical and non-technical writing.
  • Strong attention to detail and analytical skills.
  • Ability to balance firm security practices with flexibility in a fast-paced, changing environment.
  • Ability to maintain neutrality and fairness in review processes and raise potential bias concerns.
  • High proficiency in Google products.
  • Knowledge of security technologies such as networking, device protections, encryption, data protection, and identity and access management.
  • Current industry certifications such as CISA, CRISC, or GSEC are preferred.
  • Commitment and track record of advancing racial equity in operations and communications.
  • Ability to adapt to quickly changing priorities and ambiguous situations.
  • Domestic travel up to 0-10% as needed.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

SAP GRC (Governance, Risk, and Compliance) Consultant

Accenture 100K+ Professional Services

Accenture Federal Services is hiring an SAP GRC Consultant to support SAP Customer Activity Repository integrations for POS and e-commerce data across retail and financial environments.

4 hours, 35 minutes ago

RMF Process Lead (R-00177)

True Zero Technologies 11-50 Internet Software & Services

True Zero Technologies is hiring an RMF Process Lead to own and modernize federal Risk Management Framework workflows and support the transition to a new enterprise GRC or RMF platform.

2 days, 5 hours ago

Cyber Security Advisor

Centorrino Technologies 51-250 Internet Software & Services

Centorrino Technologies is hiring a Cyber Security Advisor in Australia to protect client digital environments, manage cyber risk and incidents, and support security governance and compliance.

Cybersecurity SIEM
2 days, 5 hours ago

Security Controls Assessor (SCA) - Senior

Avint 11-50 IT Services

Avint is hiring a Senior Security Controls Assessor to perform independent assessments of complex federal information systems and cloud environments, with the primary goal of validating security control effectiveness and supporting RMF compliance and risk decisions.

AWS Azure Cybersecurity GCP Penetration Testing
2 days, 5 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers