Lead, Governance Risk & Compliance (HITRUST Certified) - Healthcare Consulting

About The Position

Requirements

• Bachelor's degree in Information Technology, Computer Science, Engineering, or related field; or equivalent combination of education and experience.
• At least seven (7) years of progressive GRC leadership experience.
• Demonstrated track record of designing and executing Governance, Risk and Compliance in complex, regulated environments (healthcare experience preferred).
• Hands-on expertise in enterprise security, risk management, compliance (HIPAA, SOC 2, HITRUST, NIST).
• Understanding of cloud infrastructure (Azure, AWS, or equivalent), DevOps pipelines, and software engineering execution.
• Prior experience engaging with clients, vendors, and external partners on audit, compliance, or security topics.
• Proficiency in Microsoft Word, Excel & PowerPoint required
• Strategic and Tactical Leadership – able to set the GRC vision while also executing details and solving immediate challenges.
• Security Expertise – deep understanding of enterprise security practices, frameworks, and technologies.
• Collaboration & Communication – excellent interpersonal skills with the ability to influence at all levels, partner across functions, and represent technology externally.
• Curiosity & Adaptability – naturally inquisitive, eager to learn, and proactive in solving problems across multiple domains.
• Execution & Resilience – demonstrates a “whatever it takes” attitude with a bias toward action and accountability.
• People Leadership – proven ability to lead, mentor, and develop Governance and Compliance teams; strong consensus builder and team culture champion.
• Ability to work in a dynamic, fast-paced environment balancing strategic priorities with tactical needs.
• Willingness to occasionally travel to Sellers Dorsey offices, client sites, or partner locations.

Nice To Haves

• Advanced degree (MBA, MS in Information Security, or related field) preferred.
• HITRUST certified candidates strongly preferred.

Responsibilities

• GRC Operations – Execute the enterprise governance, risk and compliance program for Sellers Dorsey. Align compliance capabilities with organizational strategy and growth goals.
• Enterprise Risk Management – Assist the GRC Manager with the organization’s risk strategy and compliance programs (HIPAA, SOC 2, HITRUST). Assist with third-party security risk management to ensure proactive protection of systems and data.
• Business Unit Cross Function – Ensure clear and persistent communication with all business units (e.g. legal, privacy teams).
• Culture Building – Assist the GRC Manager with promoting a culture of security.
• Cross-Functional & External Collaboration – Serve as a key lead to the Manager of Governance, Risk & Compliance. Work with vendors, as needed.
• Other duties as requested by VP of Technology and Security or other senior leaders.

Benefits

• The successful candidate will also be eligible to participate in our annual Corporate Incentive Plan (CIP) that can range to up to 10% of annual salary.
• Provided they meet all eligibility requirements under the applicable plan documents, the successful candidate (and their eligible dependents) will be eligible to enroll in group healthcare plans that offer medical, dental, and vision and for insurance plans offering short term disability, long term disability, and basic life.
• Employees are also able to enroll in Sellers Dorsey’s 401k plan provided they meet plan requirements.
• Sellers Dorsey offers a Flexible Time Off that allows employees to use what they need.
• Additionally, we offer 10 paid holidays throughout the calendar year, paid time off for qualifying medical leave, and up to 12 weeks of combined paid parental and bonding leave.