Director of Security, GRC (Remote)

Remote Full-time
Aledade is seeking a Director of Governance, Risk & Compliance (GRC) to lead and scale our enterprise GRC program. Reporting directly to the Chief Information Security Officer (CISO), this role is responsible for building out a cohesive framework for risk management, compliance, and certifications while ensuring that security, privacy, and governance practices align with regulatory, contractual, and audit expectations.

The Director will manage a growing team (currently two direct reports) and own Aledade’s risk program, GRC platforms (including Vanta), and policy framework. This leader will be accountable for driving compliance certifications (SOC 2, HIPAA, SOX/ITGC, HITRUST, CPRA), partnering across Security, IT, Product, and Legal to ensure evidence is ready for external audits, and ensuring governance enables both innovation and protection of sensitive patient data.

Primary Duties:
• Build, lead, and continuously mature Aledade’s Governance, Risk & Compliance program.
• Own and maintain the enterprise risk management framework and risk registry, facilitating reviews and reporting to leadership and the Audit Committee.
• Lead Aledade’s compliance certification programs, including SOC 2, HIPAA, SOX/ITGC, HITRUST, and CPRA.
• Manage audit preparedness and execution for external assessments, ensuring evidence collection and readiness across business and technology teams.
• Oversee the Vanta Trust platform, including continuous control monitoring, automation of evidence gathering, and Trust Center management.
• Develop and enforce policies and standards, ensuring clarity, adoption, and alignment with frameworks such as NIST, ISO 27001, HIPAA, and AI RMF.

Minimum Qualifications:
• 10+ years of experience in Governance, Risk, and Compliance, Information Security, or related fields, with at least 5 years in leadership roles.
• Strong knowledge of risk management frameworks and regulatory requirements, including SOC 2, HIPAA, SOX/ITGC, HITRUST, and CPRA.
• Demonstrated experience preparing organizations for external audits and regulatory certifications.
• Hands-on experience with GRC platforms (e.g., Vanta, OneTrust, Archer, or similar).
• Proven ability to design and operationalize compliance programs, policies, and evidence frameworks at scale.
• Excellent leadership, communication, and cross-functional collaboration skills.
• Preferred: CISA, CISM, CRISC, or CISSP certifications.

Preferred Knowledge, Skills and/or Abilities:
• Deep knowledge of GRC frameworks and regulations (SOC 2, HIPAA, SOX/ITGC, HITRUST, CPRA, NIST, ISO 27001).
• Strong program management and audit readiness skills, including policy development, evidence collection, and external audit coordination.
• Skilled in leveraging GRC platforms (e.g., Vanta, OneTrust) to automate compliance and streamline controls monitoring.
• Proven leadership and people development abilities, with experience growing and mentoring high-performing teams.
• Excellent collaboration and communication skills, with the ability to influence executives, engineers, and auditors.
• Ability to balance compliance requirements with innovation, translating regulations into scalable, practical processes.

Who We Are:

Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of health plans, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.

What Does This Mean for You?

At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.

In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:

Flexible work schedules and the ability to work remotely are available for many roles

Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners

Robust time-off plan (21 days of PTO in your first year)

Two paid
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Brand Manager - Live operation game

Remote

Global Partner Communications Specialist

Remote

Staff Tax Strategy Consultant (CPA Eligible, Remote) | Insight CPAs & Financial, PLLC | Handshake

Remote

Clinical Quality and Safety Specialist (RN / PA)

Remote

Apply Now: Customer Service Associate

Remote

Cybersecurity Engineer (SOAR) [JOB ID 20251222]

Remote

Implementation Director

Remote

Client Support Representative - Remote Data Entry Clerk

Remote

Experienced Virtual Chat Assistant – Customer Service and Support Expert

Remote

[Remote] Valuations Analyst

Remote
← Back