Director, Governance, Risk & Compliance at Fresenius Medical Care

Lexington, Massachusetts, United States

Compensation: Not Specified
Experience Level: Senior (5 to 8 years), Expert & Leadership (9+ years)
Job Type: Full Time
Visa: Unknown
Industries: Healthcare, Medical Devices

Requirements

  • Bachelor’s degree (or equivalent foreign degree) in Information Science, Computer Science, or a closely related field
  • 8 years of experience as an IT Program Manager
  • 5 years of experience (which can overlap with the primary experience) working with IT governance, risk, and controls, including governance frameworks and information security and technology frameworks specifically NIST CSF, NIST 800-53, CSACSM, COBIT, ITIL, ISO 2700X, HITRUST, and Cloud Security Alliance (CSA) and Cybersecurity Governance

Responsibilities

  • Manage Information Security Governance, Risk, and Compliance (GRC) programs across global business units
  • Interact with diverse, cross-functional, and global stakeholders to identify and remediate security risks to critical business processes and IT infrastructure, defining risks’ potential business impact, applying mitigation strategies, and ensuring effective controls
  • Manage the tactical execution of short- and long-term IT governance and security objectives through coordination of IT infrastructure and systems activities, with responsibility for results including costs, methods, and staffing
  • Oversee coordination of Information Security activities, with responsibility for workflows, prioritization, and team staffing/assignments
  • Provide technical guidance and lead various IT governance and security programs and projects
  • Lead process improvement documentation efforts related to IT security and compliance management
  • Exercise technical proficiency in IT and cybersecurity industry practices and business principles, analyzing diverse issues with consideration of business trends
  • Manage a program to protect, govern, and monitor cybersecurity governance across Fresenius Medical Care business units specific to compliance requirements
  • Direct an organization-wide Incident Management Program in collaboration with Legal, IT, and Compliance across all business units
  • Lead the implementation and enhancement of a Cybersecurity Governance Program, including a security and control framework with standards, measures, reporting, practices, and procedures assuring compliance with NIST, ISO 27001/02, PCI, CCPA, and GDPR
  • Develop and maintain strong partnerships with Senior IT, Legal, Compliance, HR, Internal Audit, and other relevant business units and third-party vendors to ensure understanding, awareness, and adoption of cybersecurity compliance responsibilities
  • Participate and present at meetings with internal and external stakeholders to establish cooperative efforts for team projects
  • Identify gaps and ensure appropriate remediation plans are developed to mitigate IT security vulnerabilities, exceptions, and defects, reducing risk to confidentiality, integrity, or availability of information
  • Evaluate and ensure security technology is configured and operated according to established requirements and standards
  • Collaborate with incident response, threat intelligence, and vulnerability management teams to drive remediation of security vulnerabilities based on quantified risk
  • Assist in developing the implementation of the eGRC (Enterprise Governance, Risk & Compliance) tool to support governance, risk, and compliance efforts across the organization

Skills

Key technologies and capabilities for this role

Information Security Governance, Risk Management, Compliance, IT Governance, Cybersecurity, Incident Management, Process Improvement, Stakeholder Management, Program Management, Security Controls

Questions & Answers

Common questions about this position

Is this Director, Governance, Risk & Compliance position remote?

Yes, the position is remote and based in Lexington, Massachusetts.

What salary or compensation is offered for this role?

This information is not specified in the job description.

What key skills and expertise are required for this position?

The role requires technical proficiency in IT and cybersecurity industry practices, knowledge of frameworks like NIST, ISO 27001/02, PCI, CCPA, and GDPR, and strong abilities in managing governance, risk, compliance programs, incident management, and cross-functional stakeholder collaboration.

What does the work environment and team collaboration look like?

The role involves interacting with diverse, cross-functional, and global stakeholders, developing partnerships with Senior IT, Legal, Compliance, HR, Internal Audit, and third-party vendors, and participating in meetings with internal and external representatives.

What makes a strong candidate for this Director GRC role?

Strong candidates will have experience managing IT governance, risk, and compliance programs globally, leading incident management and cybersecurity governance initiatives, and coordinating cross-functional teams with expertise in relevant compliance frameworks.

Fresenius Medical Care

Provides dialysis and renal healthcare services

About Fresenius Medical Care

Fresenius Medical Care North America focuses on delivering high-quality healthcare services to individuals with kidney and other chronic conditions. The company operates a vast network of dialysis centers and outpatient labs for cardiac and vascular care, ensuring coordinated treatment for many patients across the continent. It stands out as the largest fully integrated renal company, providing not only dialysis services but also specialty pharmacy and laboratory services. Additionally, Fresenius manufactures and distributes a wide range of dialysis equipment, disposable products, and renal pharmaceuticals. The goal of Fresenius Medical Care is to enhance the quality of life for patients with chronic illnesses by providing comprehensive and accessible healthcare solutions.

Headquarters: Waltham, Massachusetts
Year Founded: 1996
Total Funding: $39.1M
Company Stage: LATE_VC
Industries: Biotechnology, Healthcare
Employees: 11-50

Benefits

Professional Development Budget
Conference Attendance Budget
Flexible Work Hours

Risks

Increased competition from telehealth solutions like Philips' eCareManager 4.1.
Rising mental health challenges may impact FMCNA's employee productivity.
Virtual reality education may face adoption and accessibility challenges in rural areas.

Differentiation

FMCNA is the world's largest fully integrated renal company.
FMCNA offers a comprehensive line of dialysis equipment and renal pharmaceuticals.
FMCNA provides coordinated healthcare services at pivotal care points for chronic conditions.

Upsides

Telehealth market growth supports FMCNA's remote patient monitoring services.
Home dialysis market expansion aligns with FMCNA's patient-centric care approach.
AI integration enhances FMCNA's predictive analytics and personalized medicine capabilities.
