GRC (Governance, Risk, and Compliance) Specialist

Cape Town, Western Cape, South Africa

Job Description


About the job: GRC (Governance, Risk, and Compliance) Specialist

EyeCarePro is seeking a highly skilled GRC Specialist to lead our policies and procedures, ensuring governance, risk management, and compliance across our organization. As a leader in digital marketing solutions for eye care professionals, we require a compliance expert to guide the implementation of security strategies, maintain regulatory adherence, and foster continuous improvement in security and privacy practices specific to the healthcare and digital marketing industries.

Key Responsibilities:

Compliance Implementation & Risk Management:

  • Lead the development and enforcement of compliance policies and procedures tailored to the needs of EyeCarePro.
  • Ensure the organization meets regulatory requirements, including HIPAA, ISO 27001, and NIST, particularly in handling sensitive patient data for eye care professionals.
  • Create and maintain risk assessment documentation, including Disaster Recovery Plans.
  • Identify vulnerabilities, assess risks, and implement mitigation strategies.
ISO 27001 & Security Frameworks:
  • Develop, implement, and manage an Information Security Management System (ISMS) aligned with ISO 27001.
  • Oversee certification processes and ensure ongoing compliance with healthcare marketing and data privacy standards.
  • Draft and implement security and privacy policies in alignment with best practices for EyeCarePro's digital platforms.
HIPAA & Healthcare Compliance:
  • Ensure compliance with HIPAA regulations, including the Privacy Rule, Security Rule, and Breach Notification Rule, as they relate to EyeCarePro's services for eye care professionals.
  • Implement business associate compliance solutions and security frameworks to protect sensitive patient and client data.
Auditing & Continuous Improvement:
  • Conduct internal audits and maintain comprehensive compliance documentation.
  • Drive continuous improvement in security and compliance practices to enhance the safety and trustworthiness of EyeCarePro's services.
Security Awareness & Training:
  • Educate employees on security policies and best practices specific to handling healthcare-related data.
  • Foster a culture of compliance and vigilance throughout the organization.
Preferred Qualifications & Experience:
  • Proven experience in governance, risk, and compliance, including ISO 27001 implementation.
  • Strong understanding of HIPAA regulations and healthcare data compliance requirements.
  • Familiarity with EHNAC standards; direct accreditation experience is a plus.
  • Expertise in risk assessment and mitigation strategies.
  • Experience conducting internal audits and managing compliance-related projects.
  • Strong communication and training skills.
Preferred Certifications:
  • ISO 27001 Lead Implementer or Auditor
  • CISSP, CISM, or CIPP/US
Desirable Skills:
  • Familiarity with security frameworks such as NIST.
  • Experience with security tools for compliance and risk management.
  • Understanding of digital marketing compliance in healthcare settings.
This is a fully remote position with working hours from 9 AM - 5 PM EST.

EyeCarePro



Job Detail

  • Job Id
    JD1405993
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Cape Town, Western Cape, South Africa
  • Education
    Not mentioned