Director GRC & Security Architecture

Job description

Pay Grade: 33S Context of Job: The Director of GRC and Security Architecture is a senior leadership role responsible for governing the organization’s information security risk, compliance, and architectural security posture. This role provides enterprise-wide leadership across governance, risk management, regulatory compliance (including HIPAA), and security architecture to ensure security controls are designed, implemented, and operating effectively in support of business, academic, and clinical objectives. Serving as the designated HIPAA Security Officer, this role partners closely with Legal, Privacy, Compliance, IT, Cloud, Application, and Security Operations teams to ensure regulatory readiness, risk-informed decision-making, and secure-by-design technology architecture across on-premises, cloud, and SaaS environments. This position reports to the Chief Information Security Officer of the University. Major Responsibilities: Governance, Risk & Compliance (GRC) - Lead the enterprise Information Security Governance, Risk, and Compliance (GRC) program. - Establish and maintain security policies, standards, procedures, and control frameworks aligned with NIST, HITRUST, ISO 27001, a...