Hill Physicians Medical Group
Security GRC Engineer - 25-210
Hill Physicians Medical Group, San Ramon, California, United States, 94583
Job Overview
At Hill Physicians Medical Group, we’re shaping the future of healthcare with actively managed care that prevents disease, supports chronic conditions, and anticipates our members’ needs.
DE&I Statement At PriMed, your uniqueness is valued, celebrated, encouraged, supported, and embraced. Whatever your relationship with Hill Physicians, we welcome ALL that you are. We value and respect your race, ethnicity, gender identity, sexual orientation, age, religion, disabilities, experiences, perspectives, and other attributes. Our celebration of diversity and foundation of inclusion allows us to leverage our differences and capitalize on our similarities to better serve our communities. We do it because it's right!
Job Description We are seeking a skilled Governance, Risk, and Compliance (GRC) Engineer to strengthen our security posture and ensure adherence to healthcare regulations. The GRC Engineer will design, implement, and maintain risk management processes, compliance frameworks, and policies that align with healthcare regulations such as HIPAA and HITECH, using tools like SAI360, CyberArk, and other compliance and security platforms.
Responsibilities
Develop, implement, and maintain GRC policies, processes, and controls in alignment with industry best practices and regulatory requirements (e.g., HIPAA, HITECH, NIST, ISO 27001).
Perform risk assessments and develop mitigation strategies for identified security risks.
Administer and optimize SAI360 for governance, risk management, and compliance activities, including reporting and policy management.
Collaborate with cross-functional teams to ensure new projects and systems are designed with security and compliance in mind.
Monitor and report on compliance status, identifying gaps and proposing remediation strategies.
Oversee third‑party vendor risk assessments and ensure adherence to security requirements.
Support internal and external audits by providing documentation, evidence, and responses to audit findings.
Conduct security awareness training programs and promote a culture of compliance within the organization.
Required Experience & Skills
5+ years of experience in Governance, Risk, and Compliance roles or a related field.
Strong knowledge of healthcare regulations, including HIPAA, HITECH, and other relevant standards.
Proficiency in GRC tools such as SAI360 for compliance and risk management.
Experience with privileged access management tools like CyberArk.Solid understanding of risk assessment methodologies and security frameworks, including NIST CSF, ISO 27001, or COBIT.
Excellent communication and collaboration skills to engage with technical and non-technical stakeholders.
Strong analytical and organizational skills with attention to detail.
Preferred Experience & Skills
Experience working in the healthcare industry or with Protected Health Information (PHI).
Familiarity with tools such as Varonis, Extrahop, or SIEM platforms.
Knowledge of data classification, data loss prevention (DLP), and data governance.
Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Risk and Information Systems Control (CRISC).
Experience implementing compliance with NIST 2.0 or managing frameworks for healthcare-related threats.
Required Education
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
Equivalent work experience may be considered in lieu of a degree.
Additional Information This role is critical in maintaining our organization’s compliance with healthcare security standards and reducing risk exposure. The position offers a collaborative environment with opportunities for professional development and certifications. Competitive salary and benefits package, with the chance to make a significant impact on healthcare security.
Salary Salary: $135,000 - $150,000 Annual
EEO Statement Hill Physicians is an Equal Opportunity Employer
Job Details
Seniority level:
Mid-Senior level
Employment type:
Full-time
Job function:
Information Technology
Industry:
Hospitals and Health Care
Location:
San Ramon, CA
#J-18808-Ljbffr
DE&I Statement At PriMed, your uniqueness is valued, celebrated, encouraged, supported, and embraced. Whatever your relationship with Hill Physicians, we welcome ALL that you are. We value and respect your race, ethnicity, gender identity, sexual orientation, age, religion, disabilities, experiences, perspectives, and other attributes. Our celebration of diversity and foundation of inclusion allows us to leverage our differences and capitalize on our similarities to better serve our communities. We do it because it's right!
Job Description We are seeking a skilled Governance, Risk, and Compliance (GRC) Engineer to strengthen our security posture and ensure adherence to healthcare regulations. The GRC Engineer will design, implement, and maintain risk management processes, compliance frameworks, and policies that align with healthcare regulations such as HIPAA and HITECH, using tools like SAI360, CyberArk, and other compliance and security platforms.
Responsibilities
Develop, implement, and maintain GRC policies, processes, and controls in alignment with industry best practices and regulatory requirements (e.g., HIPAA, HITECH, NIST, ISO 27001).
Perform risk assessments and develop mitigation strategies for identified security risks.
Administer and optimize SAI360 for governance, risk management, and compliance activities, including reporting and policy management.
Collaborate with cross-functional teams to ensure new projects and systems are designed with security and compliance in mind.
Monitor and report on compliance status, identifying gaps and proposing remediation strategies.
Oversee third‑party vendor risk assessments and ensure adherence to security requirements.
Support internal and external audits by providing documentation, evidence, and responses to audit findings.
Conduct security awareness training programs and promote a culture of compliance within the organization.
Required Experience & Skills
5+ years of experience in Governance, Risk, and Compliance roles or a related field.
Strong knowledge of healthcare regulations, including HIPAA, HITECH, and other relevant standards.
Proficiency in GRC tools such as SAI360 for compliance and risk management.
Experience with privileged access management tools like CyberArk.Solid understanding of risk assessment methodologies and security frameworks, including NIST CSF, ISO 27001, or COBIT.
Excellent communication and collaboration skills to engage with technical and non-technical stakeholders.
Strong analytical and organizational skills with attention to detail.
Preferred Experience & Skills
Experience working in the healthcare industry or with Protected Health Information (PHI).
Familiarity with tools such as Varonis, Extrahop, or SIEM platforms.
Knowledge of data classification, data loss prevention (DLP), and data governance.
Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Risk and Information Systems Control (CRISC).
Experience implementing compliance with NIST 2.0 or managing frameworks for healthcare-related threats.
Required Education
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
Equivalent work experience may be considered in lieu of a degree.
Additional Information This role is critical in maintaining our organization’s compliance with healthcare security standards and reducing risk exposure. The position offers a collaborative environment with opportunities for professional development and certifications. Competitive salary and benefits package, with the chance to make a significant impact on healthcare security.
Salary Salary: $135,000 - $150,000 Annual
EEO Statement Hill Physicians is an Equal Opportunity Employer
Job Details
Seniority level:
Mid-Senior level
Employment type:
Full-time
Job function:
Information Technology
Industry:
Hospitals and Health Care
Location:
San Ramon, CA
#J-18808-Ljbffr