GRC Manager (Remote)

 Everly Health - Company site
 June 22, 2022
 Austin, TX (Remote)
Everly Health’s mission is to transform lives with modern, diagnostics-driven care. Headquartered in Austin, Texas, Everly Health is the parent company to Everlywell, offering at-home tests to consumers, Everly Health Solutions, offering complete solutions for diagnostics-driven virtual care at scale, Natalist, offering fertility and pregnancy essentials, and Everly Diagnostics, our CLIA certified and CAP accredited laboratory network. 
We’ve created a new kind of healthcare experience that’s centered around people. Our infrastructure guides the full testing experience with the support of a national clinician network that’s composed of hundreds of physicians, nurses, genetic counselors, PharmDs, and member care specialists. Our solutions enable world-class virtual care through rigorous clinical protocols and best-in-class science, in order to tackle some of healthcare’s biggest problems.
The GRC Audit Program Manager will ensure the execution of the Continuous Auditing & Monitoring program by performing analysis within the control architecture to achieve and maintain compliance with GRC program frameworks. The incumbent will be responsible for analyzing data to better understand potential risks, concerns and outcomes of business decisions and managing risks related to business processes.

What You’ll Do:

  • Execute and continuously improve a comprehensive risk-based audit program to effectively test controls, and continuously review and improve departmental policies and procedures to achieve greater efficiencies and effectiveness.
  • Review complex business processes, systems, workflows, SOPs, and policies to identify, document, and elevate risks and trends within them that may be non-compliant with contracts and/or statutory or regulatory requirements.
  • Interact with all levels of staff and management to assess operational and technology risks and perform tactical risk assessments within the organization.
  • Liaise with internal and external resources in conducting compliance audits and risk assessments.
  • Create reports, summaries, presentations and process documents to display results.
  • Aggregate data from multiple sources to provide input to the enterprise risk register.
  • Manage GRC software solution specific to auditing and monitoring programs.
  • Provide support and training to staff to build risk awareness.
  • Handle other duties, as needed.

Who You Are:

  • 5+ years of experience in executing and organizing audits, certification programs and control assessments, including, but not limited to, the compliance control lifecycle (design, implementation and effectiveness), analyzing control processes and diagrams, scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results.
  • 3+ years of experience in project management establishing and driving business-critical GRC initiatives.
  • At least one certification in the following (more than one is preferred): CIA, GRCP, CRMA, CFE, CQA, CISA, CISM, CISSP, QSA, CCSFP, CRISC, CIPP-US or CIPP-E, CDPSE, CGEIT, and/or similar risk management / IT assurance certifications.
  • Strong knowledge of and experience in security risk management and with control frameworks, including related regulatory compliance requirements (e.g., SOC, SOX, HITRUST, HIPAA, FedRAMP, PCI) and applicable standards, policies and regulations, required (internal audits is a different department/posting).
  • Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management.
  • Must have proven ability to train and mentor team members on complex concepts.
  • Demonstrated ability to provide cross-functional leadership in projects with multiple stakeholders. 
  • Strong oral and written communication skills.
  • Evidence of personal adherence to high standards of ethics and integrity. 
  • Strong problem-solving and decision-making skills with demonstrated ability to think creatively and devise solutions to challenging problems.
  • Ability to thrive in a fast-paced, lean, highly dynamic environment.

You’ll Love Working Here:

  • Venture backed by top-tier firms
  • The opportunity ahead knows no bounds
  • Open vacation policy for salaried team members
  • Front Loaded PTO for hourly team members
  • Employee discounts
  • Paid parental leave
  • Health benefits
  • 401(k)

NO EXTERNAL RECRUITERS – INDIVIDUAL APPLICANTS ONLY

Everly Health is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law.

HIPAA Disclaimer: This role will be in an environment that has access to protected health information (PHI) and all security standards to protect PHI must be followed.