Clover is reinventing health insurance by working to keep people healthier.
We value diversity — in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds and walks of life to help build the future of healthcare. Clover's security team enhances the values of the organization by being supportive of the company's goals and objectives while fiercely defending our members' information.
We are committed and deliberate about protecting the integrity and availability of Clover's overall business. We are looking for empathetic security professionals to help us in ensuring the security of Clover Health. This includes ensuring service availability, systems/data integrity, member privacy, compliance, and building trust in the Clover brand.
We are looking for a Security GRC Manager, reporting directly to Clover’s CISO, to be responsible for assisting with and maintaining the company’s information and cybersecurity governance, risk, and compliance (GRC) program.
As a Security GRC Manager, you will:
Oversee HIPAA, SOx, HITRUST compliance assessment, evidence collection, and reporting.
Collaborate with various stakeholders to assist with compliance assessment and building requirements.
Manage and maintain compliance data in GRC tools (ZenGRC).
Monitor and maintain the Risk Register and provide data for metrics. Escalate outstanding issues and risk mapping.
Assist in the maintenance of Clover policies and standards, and ensure procedures support standards.
Evaluate and process exceptions to information security policies and standards.
Provide remediation and policy guidance for multiple stakeholders.
Assist with Incident Response, Business Continuity, and Disaster Recovery programs, including running tabletop and live testing.
Assist with document and contract reviews.
Ensure compliance with various regulations.
Other related duties as needed.
You will love this job if:
You believe in the integration of Governance, Risk and Compliance activities that can empower a company to provide a compliant business model, manage significant risks to the business’ goals and objectives, and provide accurate information to empower better decision making.
You are a strong critical thinker and enjoy working on challenging problems.
You enjoy partnering and communicating with a range of business professionals.
You have the ability to work effectively across multiple teams and can organize priorities.
You should get in touch if:
You have 5+ years of GRC and security audit and/or assessment experience, healthcare preferred.
You have knowledge of automated GRC platforms, such as ZenGRC (preferred).
You have strong knowledge of security risk management frameworks including related regulatory compliance requirements (NIST CSF & 800-53, ISO27001, SOC, SOx, HITRUST, HIPAA).
You have the ability to work in a globally distributed organization and have an understanding of international information security regulations.
You have experience working in a Cloud, SaaS and AI/ML environment (preferred).
You have a Bachelor’s degree, international, or equivalent work experience.
You have relevant Security and/or Risk certifications such as CISA, CRISC, etc.
About Clover Health
We're a health insurance company on a mission to improve lives
At Clover Health, we’re working to solve the country’s most complex and expensive problem: improving healthcare. Clover Health is a Medicare Advantage insurer that combines technology and preventive care to lower costs and increase the quality of life for those who need it most.