Director, Governance, Risk & Compliance
24 Hour Home Care - Corporate Divisionβ’Los Angeles, CA
β’$180,000 - $200,000β’Hybrid
About The Position
The Director, Governance, Risk & Compliance (GRC) leads the organization's enterprise governance, risk, and compliance program, partnering closely with the CISO to strengthen security, regulatory compliance, and risk management across a multi-brand healthcare organization. This role is responsible for building and maturing GRC frameworks, leading enterprise risk and compliance initiatives, overseeing audit readiness, and driving data governance, third-party risk management, vulnerability management, and security awareness programs that support organizational growth and regulatory requirements.
Requirements
- Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business, or a related field required; advanced degree preferred.
- 10+ years of progressive experience in governance, risk, and compliance, including leadership of enterprise GRC programs or teams.
- Deep expertise in ISO 27001, NIST Cybersecurity Framework, NIST 800-series, SOC 2 Type II, HIPAA, HITECH, and enterprise risk management frameworks.
- Proven experience building or significantly maturing GRC programs, including risk frameworks, compliance processes, audit management, and policy development within complex, multi-entity organizations.
- Demonstrated experience managing enterprise audits, regulatory compliance, control mapping across multiple frameworks, and executive risk reporting.
- Governance and risk management
- Regulatory compliance
- Audit and control management
- Data governance
- Policy development
- Executive communication
- Cross-functional leadership
- Strategic planning
Nice To Haves
- Professional certifications such as CISSP, CISA, CRISC, CISM, or HITRUST CCSFP preferred; experience with HITRUST, GRC platforms (Drata, ServiceNow GRC, OneTrust, Archer), healthcare compliance, or PE-backed organizations is highly desirable.
Responsibilities
- Develop and execute the enterprise GRC strategy, establishing governance, risk, and compliance frameworks aligned with ISO 27001, NIST, SOC 2, HIPAA, HITECH, and other applicable standards.
- Lead enterprise risk management, audit readiness, and compliance activities by maintaining risk registers, coordinating assessments, managing regulatory audits, and delivering executive reporting.
- Build and oversee enterprise programs for data governance, vulnerability management, third-party risk management, and security awareness, ensuring scalable processes and organizational adoption.
- Partner with Legal, IT, business leaders, and external stakeholders to strengthen privacy, regulatory compliance, policy development, and enterprise security practices across all brands.
- Lead and develop the GRC function by establishing operating models, building team capabilities, implementing governance processes, and driving continuous improvement initiatives.
Benefits
- Comprehensive benefits package, including health, dental, vision, 401K
- Wellness Program
- Learning and Professional Development Program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Director
