vCISO – GRC Advisor (Healthcare Focus)

Extra holidays, fully flexible
Remote: Full Remote
Salary: 10 - 27K yearly
Experience: Senior (5-10 years)

Offer summary

Qualifications:

  • 5+ years of experience in GRC
  • Familiarity with HIPAA and HITECH
  • Experience with the NIST Privacy Framework
  • Strong written and verbal communication skills

Key responsibilities:

  • Handle governance, risk, and compliance requirements
  • Collaborate with healthcare clients' key contacts

RKON SME https://www.rkon.com/
51 - 200 Employees

Job description

About us: RKON is an ISO27001 and AICPA SOC 2 Type II certified company that specializes in providing IT migration and transformation services for the Mergers and Acquisitions market.  RKON was recently recognized as one of the 100 best places to work in IT, highlighting our competitive advantage of empowering thought leaders and providing cutting-edge solutions for the fast-paced industry of private equity. RKON is looking for ambitious professionals to join our award-winning team. We have a proven track record for finding and developing top talent with people that believe they can achieve something greater. We also pride ourselves on fostering an environment where initiative, creative thinking, and collaboration are encouraged and rewarded—a key reason for the extraordinary level of service we deliver to our customers.

RKON does not accept unsolicited resumes from staffing agencies, search firms or any third parties.

About the position: The vCISO GRC Advisor is responsible for the first line of handling governance, risk, and compliance requirements within the RKON Virtual Chief Security Officer (vCISO) service, responding with existing security controls, identified gaps, or corrective actions. This position requires a motivated fast learner who can work within key regulatory, industry-mandated, and security certification functions to identify, analyze, and remediate potential governance, risk, and compliance gaps in RKON’s and clients’ environments.

This role particularly seeks expertise in healthcare-specific compliance frameworks and regulations, including HIPAA, HITECH, and other privacy and security standards essential for the healthcare industry. The Advisor will require experience implementing and maintaining a governance, risk, and compliance framework tailored to healthcare environments. The framework includes maintaining the risk register, asset management, business entities, project/service/vendor risk, and compliance mapping to healthcare-specific government regulations, industry mandates, and security best practices. Knowledge of evolving security controls and technological processes relevant to healthcare is critical. This position reports to the Security Advisory Manager.

The GRC Advisor will perform key internal and client-facing managed governance, risk, and compliance service activities, including identification of risks (threats and vulnerabilities), healthcare compliance requirements, documentation of security controls, security control testing, and compliance monitoring. This role also involves collaborating on an ongoing basis with healthcare clients’ key technical contacts and stakeholders to support the identification, analysis, remediation, and reporting of governance, risk, and compliance requirements and exceptions.

Responsibilities Include:
  • Assist in establishing a mature and optimized Virtual Chief Security Officer service discipline to support managed compliance services focused on client-facing advisory engagements.
  • Provide risk consulting and monitoring for project, service, and vendor risks within multiple client workbenches.
  • Leverage NIST CSF and Security Controls Framework (SCF) to perform internal audits documenting current implemented security controls, identified gaps, and recommended remediations.
  • Maintain the mapping of the Security Controls Framework (SCF) to relevant government regulations, industry mandates, and security best practices.
  • Coordinate RKON’s internal compliance and certification processes for ISO 27001, PCI DSS, SOC 2 Type II, HITRUST, and any other future compliance requirements.
  • Identify and remediate findings from security control testing exercises and assist with risk prioritization.
  • Research various regulations by reviewing regulatory bulletins and other sources of compliance information.
  • Compile information by coordinating compliance certification filings and maintaining updated security control frameworks.
  • Respond to clients in a timely manner (within documented SLA) with thorough and concise analysis and recommended actions.
  • Document actions in cases to effectively communicate information to internal and external stakeholders as well as for historical retrieval.
  • Develop and enhance RKON company and client policies, procedures, and security practices.
  • Resolve problems independently and understand escalation procedures.
  • Participate in security incidents and act as the compliance Subject Matter Expert during significant security incidents.
  • Utilize analytics to identify potential compliance gaps in the environment.
  • Collaborate with RKON and Client technical leads and Subject Matter Experts including Engineering, Operations, Service Desk, Applications, and client key stakeholders on matters related to compliance audits and monitoring.
  • Collaborate and serve as liaison to key security vendor solution partners.
  • Act as internal governance, risk, and compliance consultant to the business and technology units, advising on risks, threats, and control practices.
  • Assist in development and knowledge sharing within the team.
  • Assist in governance, risk, and compliance framework and report tuning.

Required Technical and Professional Expertise
  • 5+ years of experience working within a Governance, Risk, and Compliance, or Internal Audit team.
  • Familiarity with compliance regulations, such as HIPAA, HITECH, PCI DSS, or other industry-specific requirements.
  • Experience applying privacy frameworks, such as the NIST Privacy Framework, to risk and compliance initiatives.
  • Critical thinking and problem-solving skills applicable across industries, with an ability to adapt to healthcare-specific challenges.
  • Passion for governance, risk, and compliance frameworks and technology, with a focus on scalability across diverse sectors, including healthcare.
  • Strong business acumen, including written and verbal communication skills, to effectively engage with RKON and client technical subject matter experts.
  • Strong interpersonal and organizational skills to manage compliance programs for clients in healthcare and other industries.

Preferred Technical and Professional Expertise
  • Experience implementing and managing GRC programs, with an emphasis on healthcare-specific frameworks such as HIPAA, HITECH, and HITRUST.
  • Understanding of breach notification requirements under HITECH and similar regulatory frameworks.
  • Familiarity with healthcare certification processes and security best practices, alongside experience with other industry standards like ISO 27001, SOC 2, or PCI DSS.
  • Industry-related certifications: CISSP, ISO 27001 Lead Auditor, CISA, Security+, ITIL, or healthcare-specific certifications such as HCISPP (HealthCare Information Security and Privacy Practitioner).
  • Working experience with security control technologies and their application in both healthcare and broader GRC contexts.

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English

Other Skills

  • Governance
  • Social Skills
  • Problem Solving
  • Communication
  • Critical Thinking
  • Organizational Skills