Senior Manager, Governance Risk & Compliance

Sound Physicians,
$130,000 - $160,000Remote

About The Position

Founded in 2001 and headquartered in Nashville, TN, Sound Physicians is a nationally respected, physician-led medical group practicing in 400+ hospitals across 45 states. Our team of 4,000+ clinicians and 1,000+ business professionals across the country is united by one mission: to build exceptional clinical partnerships that unlock quality, affordable, dignified care for everyone – no matter who they are or where they live. With physician-led clinical teams and more than two decades of operational expertise, we’ve refined what it takes to consistently deliver exceptional care in hospital medicine, emergency medicine, critical care, anesthesia, and telemedicine. Why join us? A remote-first culture that values flexibility and collaboration Opportunities to grow your career while making a real impact A team that champions inclusivity, innovation, and excellence Whether working virtually or onsite at one of our practices, you’ll be part of a purpose-driven organization shaping the future of healthcare. Sound Physicians offers a competitive benefits package inclusive of the items below, and more: Medical insurance, Dental insurance, and Vision insurance Health care and dependent care flexible spending account 401(k) retirement savings plan with a company match Paid time off (PTO) begins accruing immediately upon start date at a rate of 15 days per year, in accordance with Sound's PTO policy Ten company-paid holidays per year About the Role The Senior Manager, Governance, Risk, and Compliance (GRC) leads the execution of the enterprise information security GRC program and report directly to the CISO. This role translates the CISO’s cybersecurity strategy and risk tolerance into scalable and defined processes, measurable outcomes, and defensible compliance posture. The Senior Manager serves as the primary owner of day to day security risk management, governance, and compliance activities, providing clear risk visibility and enabling informed executive decision making.

Requirements

  • Strong knowledge of HIPAA Security rule, NIST CSF, ISO 27001, SOC 2, and security risk practices.
  • Experience with risk assessments, audits, and control testing.
  • Ability to clearly communicate security risk to senior leaders.
  • Proven ability to mentor and develop GRC team members and develop working relationships across organizations.
  • Broad knowledge of technology and security risks.
  • Bachelor’s degree in Information Security, Cybersecurity, Information Systems, Computer Science, Business Administration, or a related field
  • 7+ years of experience in information security GRC or risk management.

Nice To Haves

  • CISSP, CISM, CRISC, CISA, or similar certifications.
  • Experience in a CISO led security organization or regulated environment.

Responsibilities

  • Operate and mature the enterprise GRC program aligned to the CISO’s strategy and risk appetite.
  • Own the security risk lifecycle, including assessments, tracking, remediation, and escalation of material risks to the CISO.
  • Maintain the security policy framework and translate standards (e.g., NIST CSF, ISO 27001, SOC 2) into actionable control requirements.
  • Manage security related compliance activities and audits; maintain evidence and track remediation to closure.
  • Operate the vendor security risk management program and escalate high risk vendors and systemic issues.
  • Produce concise risk and compliance metrics and dashboards for the CISO and senior leadership.
  • Mentor GRC staff and act as a trusted advisor to Security, IT, Legal, Privacy, and business teams.
  • Partner with the CISO and Sr. Manager of Security Operations to update the Strategic Information Security Program.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Health care and dependent care flexible spending account
  • 401(k) retirement savings plan with a company match
  • Paid time off (PTO) begins accruing immediately upon start date at a rate of 15 days per year, in accordance with Sound's PTO policy
  • Ten company-paid holidays per year
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service