Director, Governance, Risk & Compliance

24 Hour Home Care•Los Angeles, CA

17h•Hybrid

About The Position

24 Hour Home Care is part of the TEAM Services Group family of companies. As a shared Talent Acquisition function, we are proud to support TEAM's recruiting efforts by helping to attract exceptional talent across the organization. TEAM Services Group (“TEAM”) is a national provider of home and personal care services and household employment solutions supporting the known caregiver model, which allows families and individuals with disabilities the freedom to choose the caregivers and service providers working with them in their homes. TEAM is a mission-driven company serving over 110,000 clients and employing over 130,000 caregivers across all 50 states. We operate in a large and growing market and have grown nearly 40% annually since inception through our relentless focus on delivering best-in-class client experience. TEAM is led by a high-performing team passionate about improving access to home-based care in America. The Role : The Director, Governance, Risk & Compliance (GRC) leads the organization's enterprise governance, risk, and compliance program, partnering closely with the CISO to strengthen security, regulatory compliance, and risk management across a multi-brand healthcare organization. This role is responsible for building and maturing GRC frameworks, leading enterprise risk and compliance initiatives, overseeing audit readiness, and driving data governance, third-party risk management, vulnerability management, and security awareness programs that support organizational growth and regulatory requirements.

Requirements

Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business, or a related field required; advanced degree preferred.
10+ years of progressive experience in governance, risk, and compliance, including leadership of enterprise GRC programs or teams.
Deep expertise in ISO 27001, NIST Cybersecurity Framework, NIST 800-series, SOC 2 Type II, HIPAA, HITECH, and enterprise risk management frameworks.
Proven experience building or significantly maturing GRC programs, including risk frameworks, compliance processes, audit management, and policy development within complex, multi-entity organizations.
Demonstrated experience managing enterprise audits, regulatory compliance, control mapping across multiple frameworks, and executive risk reporting.

Nice To Haves

Professional certifications such as CISSP, CISA, CRISC, CISM, or HITRUST CCSFP preferred; experience with HITRUST, GRC platforms (Drata, ServiceNow GRC, OneTrust, Archer), healthcare compliance, or PE-backed organizations is highly desirable.
Skills: Governance and risk management, Regulatory compliance, Audit and control management, Data governance, Policy development, Executive communication, Cross-functional leadership, Strategic planning

Responsibilities

Develop and execute the enterprise GRC strategy, establishing governance, risk, and compliance frameworks aligned with ISO 27001, NIST, SOC 2, HIPAA, HITECH, and other applicable standards.
Lead enterprise risk management, audit readiness, and compliance activities by maintaining risk registers, coordinating assessments, managing regulatory audits, and delivering executive reporting.
Build and oversee enterprise programs for data governance, vulnerability management, third-party risk management, and security awareness, ensuring scalable processes and organizational adoption.
Partner with Legal, IT, business leaders, and external stakeholders to strengthen privacy, regulatory compliance, policy development, and enterprise security practices across all brands.
Lead and develop the GRC function by establishing operating models, building team capabilities, implementing governance processes, and driving continuous improvement initiatives.