Director, Information Security and Privacy Governance, Risk and Compliance (GRC)
Company: University of Chicago Medical Center
Location: Chicago
Posted on: October 24, 2024
Job Description:
Join a world-class academic healthcare system, UChicago Medicine,
as the Director, Information Security and Privacy Governance, Risk
and Compliance (GRC) responsible for supporting and assisting the
Chief Information Security and Privacy Officer (CISPO) in managing
and coordinating the information security and privacy initiatives
for UChicago Medicine.
The Director will provide leadership, executive support, strategic
and operational guidance, including identifying, evaluating, and
reporting on information security and privacy governance,
compliance, and risk posture. This role will need to collaborate
closely with the CISPO and other senior leaders. The Director will
develop and implement cybersecurity and privacy governance and
compliance initiatives, including policies and procedures to
safeguard patients, data, and the organization's information
assets.
Who you are:
- Bachelor's degree in Information Security, Information Systems,
Information Technology, or a related field; Master's degree
favored.
- At least 8 years of relevant experience in Information Security
and Privacy risk is essential; at least 2 years in a leadership
role is preferred.
- Demonstrated proficiency with the HIPAA Privacy and Security
Rules, and other federal, state, and internationally relevant
regulations.
- Knowledge and experience with security, privacy, and AI
frameworks such as NIST CSF, NIST SP 800-53, NIST Privacy, NIST AI,
HICP, PCI, and similar.
- Experience in performing vulnerability assessments, security
audits, and privacy impact assessments.
- Knowledge of Privacy and Security by Design
principles.
- Academic medical center and/or health care consulting
experience strongly preferred.
What you'll gain as the Director:
- High visibility as a trusted advisor to the CISPO, helping to
ensure the effective and efficient strategic and risk
operations.
- Opportunity to take a hands-on approach to ensure that privacy
and security risk assessments, training and awareness, third-party
risk management, and other governance, risk, and compliance
functions are developed and performed consistently.
- Positioned to collaborate with internal and external auditors
to assess the maturity and risks of the information security and
privacy programs.
What you'll do as the Director:
- Lead the processes, personnel, and committees involved in the
Governance, Risk and Compliance functions of Information Security
and Privacy.
- Ensure compliance with applicable laws, regulations, best
practice frameworks, and contractual requirements.
- Develop, mentor, and manage a staff of governance, risk, and
compliance professionals.
- Maintain an active risk register, manage the corrective action
process, and manage the exception process.
- Partner with audit groups and regulators in assessing internal
controls and remediation of identified risks.
- Assist in the development of the GRC program roadmap and
develop business metrics to measure the effectiveness of the GRC
program.
- Review alignment with applicable cybersecurity and privacy
frameworks and regulations, identify gaps, and assist with
remediation plans.
- Oversee and participate in the creation and revision of
organizational policies, procedures, standards, and best practices
to comply with all regulatory requirements.
- Coordinate assessments of internal and third-party systems for
privacy and security risks.
- Lead the third-party contract review process for business
associates and vendor relationships.
- Assist in due diligence and post-integration activities related
to information security and privacy for mergers and
acquisitions.
- Perform duties as assigned related to program oversight and
efforts.
Leadership at UChicago Medicine:
E4 Leadership (Equity, Engage, Evolve, Excel) is a patient-centered
management system that empowers teams to improve daily through
structured problem-solving.
As part of the senior executive team, this position will be
instrumental in reinforcing and sustaining UCM's E4 Leadership
Culture.
Must comply with UCMC's COVID-19 Vaccination requirement as a
condition of employment. Medical and religious exemptions will be
considered consistent with applicable law. A pre-employment
physical, drug screening, and background check are also required
for all employees prior to hire.