Current jobs related to Director, Information Security, Governance, Risk and Compliance - Remote, Oregon - Consensus Cloud Solutions

  • Senior Governance, Risk and Compliance Security Analyst

    2 weeks ago

    Remote, Oregon, United States Credit Acceptance Full time

    About the RoleCredit Acceptance is a leading provider of used car finance solutions, and we're seeking a highly skilled Senior Governance, Risk and Compliance Security Analyst to join our team. As a key member of our Engineering and Analytics Team, you will play a critical role in supporting the security direction of the business and elevating our company's...

  • Governance Risk Compliance Engineer

    4 weeks ago

    Remote, Oregon, United States reddit Full time

    Company OverviewReddit is a vibrant platform that fosters communities based on shared interests and authentic discussions. With millions of daily active users, it stands as one of the largest sources of information on the internet.Team OverviewThe SPACE (Security, Privacy, And Compliance Engineering) team is dedicated to safeguarding Reddit's workforce and...

  • Senior Governance, Risk, and Compliance Analyst

    4 weeks ago

    Remote, Oregon, United States Partech Full time

    About the Role:We are seeking a highly skilled Senior Governance, Risk, and Compliance Analyst to join our team at Partech. As a key member of our GRC team, you will be responsible for ensuring the effective implementation and management of our cybersecurity, privacy, and trust program.Key Responsibilities:Support the development and implementation of our...

  • Lead Security Governance and AI Strategist

    4 days ago

    Remote, Oregon, United States Solventum Full time

    Join Solventum's Team as a Lead Security Governance and AI AnalystSolventum is a pioneering company that enables better, smarter, safer healthcare to improve lives. As a new company with a long legacy of creating breakthrough solutions for our customers' toughest challenges, we pioneer game-changing innovations at the intersection of health, material, and...

  • Internal Auditor 2

    3 weeks ago

    Remote, Oregon, United States Hyland Full time

    Job SummaryThe Internal Auditor 2 is a key member of the Hyland team responsible for examining and evaluating the effectiveness of the company's governance, risk management, and internal control processes.Key ResponsibilitiesConduct thorough risk assessments and evaluations of financial and operating information to ensure accuracy and reliability.Evaluate...

  • Cyber Security Compliance Engineer

    4 weeks ago

    Remote, Oregon, United States WorkWave Full time

    POSITION SUMMARY:We are looking for a talented and knowledgeable Cyber Security Compliance Engineer to enhance our innovative team. The successful candidate will have a solid grasp of compliance and security frameworks, with a focus on standards such as PCI DSS, SOC, ISO, and PrivacyShield. This position requires collaboration with multiple departments to...

  • Cyber Security Compliance Specialist

    4 weeks ago

    Remote, Oregon, United States WorkWave Full time

    POSITION SUMMARY:We are looking for a proficient and knowledgeable Cyber Security Compliance Specialist to enhance our innovative team. The successful candidate will have a solid grasp of compliance and security standards, with a focus on PCI DSS, SOC, ISO frameworks, and PrivacyShield. This position entails collaborating with multiple departments to ensure...

  • Technical Risk Management Engineer

    1 month ago

    Remote, Oregon, United States reddit Full time

    Company OverviewReddit is a vibrant platform where diverse communities converge. It thrives on shared interests, trust, and open dialogue, hosting millions of authentic conversations daily. With a multitude of active communities and millions of unique visitors, Reddit stands as a significant source of information on the internet.Team OverviewThe SPACE...

  • Cyber Security Compliance Engineer

    4 weeks ago

    Remote, Oregon, United States WorkWave Full time

    POSITION SUMMARY:We are looking for a knowledgeable and dedicated Cyber Security Compliance Engineer to enhance our proactive security measures. The successful candidate will have a comprehensive grasp of compliance and security frameworks, particularly in PCI DSS, SOC, ISO standards, and PrivacyShield. This position requires collaboration across various...

  • Security Analyst II

    2 weeks ago

    Remote, Oregon, United States Credit Acceptance Full time

    About the RoleCredit Acceptance is seeking a highly skilled Security Analyst II to join our team. As a key member of our Governance, Risk, and Compliance (GRC) team, you will play a critical role in supporting the security direction of the business and elevating the company's security posture.Key ResponsibilitiesSupport the security strategy of the business...

  • Information Security Engineer

    1 month ago

    Remote, Oregon, United States TEKsystems Full time

    Job OverviewTEKsystems is in search of an Information Security Engineer dedicated to fortifying our network, software, systems, and infrastructure to adhere to the highest security protocols.Contract Duration: 3 Months to Start (potential for extension)Location: 100% RemoteKey Responsibilities:Oversee security policies and technical design throughout project...

  • Compliance Engineering Specialist

    4 weeks ago

    Remote, Oregon, United States reddit Full time

    Company OverviewReddit is a vibrant community platform where diverse interests and authentic conversations thrive. With millions of active users and communities, Reddit serves as a significant source of information and engagement on the internet.Team OverviewThe SPACE (Security, Privacy, And Compliance Engineering) team is dedicated to safeguarding Reddit's...

  • Manager of Compliance and Training Programs

    4 weeks ago

    Remote, Oregon, United States Partners In Health Full time

    Position OverviewPartners In Health (PIH) is seeking a proactive and detail-oriented Compliance and Training Manager with a robust background in contract and grant oversight within the nonprofit landscape, particularly in relation to public sector or high-compliance donor-funded projects. This role demands exceptional cross-cultural sensitivity and...

  • AWS Cloud Security Architect

    4 weeks ago

    Remote, Oregon, United States Brooksource Full time

    Job DescriptionJob Title: AWS Cloud Security EngineerCompany: BrooksourceLocation: RemoteJob Type: Full-timePay: $70.00 per hourExpected Hours: 40 per weekBenefits:401(k) matchingDental insuranceHealth insurancePaid time offVision insuranceResponsibilities:Key ResponsibilitiesDesign and Implement Cloud Security Architectures: Develop and implement cloud...

  • Azure Government Cloud Infrastructure Specialist

    3 weeks ago

    Remote, Oregon, United States Envision Full time

    Job OverviewAs an Azure Government Cloud Administrator at Envision, you will play a pivotal role in managing, configuring, and optimizing our Azure Government Cloud infrastructure. Your primary responsibility will be to ensure the reliability, security, and performance of our cloud-based systems, meeting the specific requirements and compliance standards of...

  • Azure Government Cloud Operations Expert

    3 weeks ago

    Remote, Oregon, United States Envision Full time

    Job OverviewAs an Azure Government Cloud Administrator at Envision, you will play a pivotal role in managing, configuring, and optimizing our Azure Government Cloud infrastructure. Your primary responsibility will be to ensure the reliability, security, and performance of our cloud-based systems, meeting the specific requirements and compliance standards of...

  • AWS Cloud Security Architect

    4 weeks ago

    Remote, Oregon, United States Brooksource Full time

    Job DescriptionJob Title: AWS Cloud Security EngineerCompany: BrooksourceLocation: RemoteJob Type: Full-timePay: $70.00 per hourExpected Hours: 40 per weekBenefits:401(k) matchingDental insuranceHealth insurancePaid time offVision insuranceResponsibilities:Key ResponsibilitiesDesign and Implement Cloud Security Architectures: Develop and implement cloud...

  • Manager of Government Relations Operations

    1 month ago

    Remote, Oregon, United States Zillow Full time

    Position Overview: The Manager of Government Relations Operations will play a pivotal role in managing team functions, Political Action Committee (PAC) processes, and project oversight to bolster the organization's advocacy and public policy initiatives while ensuring alignment with corporate objectives. Reporting Structure: This position will report...

  • Grants Compliance and Training Coordinator

    1 month ago

    Remote, Oregon, United States Partners In Health Full time

    Position OverviewPartners In Health (PIH) is seeking a proactive and detail-oriented Manager of Compliance and Training Initiatives with a strong background in contract and grant oversight within the nonprofit sector, particularly in high-compliance environments involving public sector or donor-funded projects. This role demands exceptional cross-cultural...

  • Cyber Security Professional

    3 weeks ago

    Remote, Oregon, United States WorkWave Full time

    Job SummaryWe are seeking a highly skilled and experienced Cyber Security Engineer to join our dynamic team at WorkWave. The ideal candidate will possess a strong understanding of both compliance and security principles, including expertise in industry standards and regulatory requirements.Key ResponsibilitiesCompliance and Security: Implement and maintain...

Director, Information Security, Governance, Risk and Compliance

3 months ago

Remote, Oregon, United States Consensus Cloud Solutions Full time

Consensus Cloud Solutions is a publicly traded, leading digital cloud fax and interoperability solutions organization in the United States and globally, focusing on connecting and empowering healthcare providers, payers, care teams, and technology innovators to unify multiple systems that wouldn't otherwise talk to each other. Consensus is a trailblazer in our industry and believes that data transformation will reshape the world of healthcare.

Founded over 25 years ago, Consensus leverages its technology heritage to move from simple digital documents to advanced healthcare standards (HL7/FHIR) for secure data transport, as well as Natural Language Processing (NLP) and Artificial Intelligence (AI) to convert unstructured to structured, analytics-ready data, helping users unveil information that is meaningful and actionable for better patient care.

With more than 11 million users worldwide, Consensus leads the industry in data exchange solutions and we're only getting started With exciting new initiatives on the horizon, we are continuing our strategic expansion and we are looking to add to our diverse team of innovators.

Now is the ideal time to join us in our mission to solve healthcare's biggest challenges, and work collaboratively with a diverse team of like-minded self-starters and partners to accomplish it.

Consensus Cloud Solutions is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive and equitable environment for all employees. We offer many remote and hybrid career opportunities.


How you will impact the organization...

In this role, you will lead a team of information security GRC professionals to achieve certifications like HITRUST, ISO 27001, SOC 2, PCI, and FedRAMP, demonstrating cybersecurity assurance for internal operations and customers. You will collaborate with executives and various departments, including Engineering, Product Development, IT, Network Operations, Project Management, Sales, Marketing, Legal, Internal Audit, HR, and external partners, to maintain a top-tier security risk and compliance posture for Consensus Cloud Solutions. Daily interaction with Security Operations and Security Engineering teams is essential to ensure synergy, compliance monitoring, and support for security incident responses. Reporting to the VP of Information Security and CISO, you will be pivotal in strengthening our unified security and compliance framework. Responsibilities include managing security risk and compliance initiatives, conducting security training and phishing simulations, performing security vendor risk assessments, maintaining the customer-facing trust center, handling security inquiries, leading information security audits and product security certifications, coordinating business continuity exercises, continuous monitoring, and executive reporting. By aligning security initiatives with company goals, you will ensure our solutions remain secure, reliable, and trusted by customers.

The value you will deliver...

  • Manage the organization's Security risks, risk registers, and treatment plans. Coordinate with business stakeholders and lead point-in-time and annual security risk assessments on SaaS, IaaS, and PaaS products and solutions. Leads GRC participation in SDLC to assure compliance with policy requirements.
  • Lead a team of information security GRC professionals to streamline and accomplish security certifications and attestations on SaaS, IaaS, and PaaS products and solutions covering HITRUST, ISO 27001, SOC 2, PCI, and FedRAMP annually, demonstrating cybersecurity assurance internally and to customers.
  • Collaborate with staff across multiple products and departments, including Engineering, Product Development, IT, Network Operations, Project Management, Sales, Marketing, Legal, Internal Audit, HR, and external partners to maintain a world-class security risk and compliance posture for the company.
  • Conduct company-wide security training, phishing simulations, and awareness programs to educate employees on security best practices and reduce the risk of security incidents.
  • Perform security vendor risk assessments to evaluate and manage third-party security risks, ensuring all vendors meet the company's security standards.
  • Develop and maintain a customer-facing trust center to provide transparency and build customer trust by clearly communicating the company's security practices and certifications.
  • Handle security inquiries from customers promptly and accurately, enhancing customer confidence in the company's security posture.
  • Manage information security audits to assess and improve the company's security posture and ensure continuous compliance with industry standards and frameworks. This includes user access reviews and other key security measures.
  • Coordinate business continuity exercises with the BCP's owners to prepare for and respond to potential disruptions, ensuring the company's operational resilience.
  • Implement continuous real-time monitoring with security operations to identify and address non-conformities, security configuration baseline drifts, security risks, and threats while maintaining a proactive security stance across all products.
  • Provide executive and board of directors reporting on the company's security status, initiatives, and risk management efforts to ensure informed decision-making at the highest levels.
  • Develop and enforce robust security policies and procedures that align with the organization's goals and objectives, ensuring comprehensive security coverage and compliance across all products.
  • Align security initiatives with the company's strategic goals to ensure that all solutions remain secure, reliable, and trusted by customers, supporting the company's overall mission and business objectives.
  • Manage the design and implementation of GRC tooling and applications to ensure budget alignment and full utilization.
  • Manage programs and projects for GRC functions to ensure milestones are met and initiatives are on track within budget.
  • The role is crucial in overseeing the design and implementation of the organization's information security GRC program, including vendor risk, cloud security compliance, risk management, and organizational, administrative, and technical security controls. They ensure that security compliance is integral to the cloud technology stack.
  • Identifying, selecting, and implementing information security GRC tools and technologies that align with the organization's security program is an essential responsibility. This may include GRC platforms, training and awareness systems, third-party risk management solutions, and identity management systems.
  • Providing guidance and expertise to development and IT teams on designing and implementing secure and compliant solutions is critical. The role helps teams make informed decisions about technology and compliance choices that prioritize security.
  • Perform other duties and responsibilities as required, assigned, or requested. Consensus reserves the right to add or change duties at any time.

What you will bring to the table...

  • 10+ years experience in Information Security GRC role.
  • 8+ years of experience with GRC platforms for risk register management.
  • 6+ years of experience with Third-Party Risk Management (TPRM) platforms for risk register management.
  • 6+ years of experience with AWS cloud technologies.
  • 5+ years of experience leading and managing GRC professionals or equivalent experience.
  • Holding relevant security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) that are active and in good standing or ability to obtain within 12 months of hire.
  • Proficiency in developing and conducting company-wide security training, phishing simulations, and awareness programs to educate employees on security best practices and reduce the risk of security incidents.
  • Experience in performing security vendor risk assessments to evaluate and manage third-party security risks effectively, ensuring vendors meet the organization's security standards.
  • Ability to develop and maintain a customer-facing trust center to provide transparency and build trust with customers by clearly communicating the company's security practices and certifications.
  • Skill in handling security inquiries from customers promptly and accurately, enhancing customer confidence in the organization's security posture.
  • Experience in managing information security audits to assess and improve the company's security posture and compliance with industry standards and regulatory requirements.
  • Proficiency in overseeing product security certifications to ensure all products meet necessary security requirements and maintain their certifications.
  • Knowledge of business continuity exercises and the ability to coordinate and conduct them to prepare for and respond to potential disruptions, ensuring operational resilience.
  • Ability to implement continuous monitoring and assessment programs to identify and address security threats in real time, maintaining a proactive security stance.
  • Experience in providing executive and board of directors reporting on the company's security status, initiatives, and risk management efforts to ensure informed decision-making.
  • Skill in developing and enforcing robust security policies and procedures that align with the organization's goals and objectives, ensuring comprehensive security coverage.
  • Ability to develop, update, and enforce information security policies, standards, and procedures that align with industry and regulatory requirements while ensuring they are practical and effective for cloud-based solutions and infrastructures like AWS.
  • Proficiency in identifying, assessing, prioritizing, and managing information security risks and experience in developing risk mitigation strategies for SaaS, IaaS, and PaaS-based products and solutions.
  • Knowledge of regulatory requirements (e.g., GDPR, HIPAA) and experience managing compliance assessments, audits, and regulatory inspections on cloud-based products and solutions.
  • Security Certifications and Attestations: Experience in achieving and maintaining security certifications and attestations on cloud-based products and solutions (e.g., HITRUST, ISO 27001, SOC 2, PCI, FedRAMP) and ability to manage audit preparations and responses.
  • Ability to collaborate effectively across departments, including Engineering, Product Development, IT, Network Operations, Project Management, Sales, Marketing, Legal, Internal Audit, HR, and external partners.
  • Understanding security operations and incident response procedures and experience in collaborating with security operations teams to ensure effective incident response for on-premise and cloud-based systems.
  • Ability to perform security vendor risk assessments and manage third-party security risks effectively.
  • Experience in developing and conducting company-wide security training, phishing simulations, and awareness programs.
  • Experience coordinating business continuity exercises and maintaining business continuity and disaster recovery plans.
  • Ability to implement and manage continuous monitoring and assessment programs to identify and mitigate security risks in real time.
  • Strong written and verbal communication skills, with experience preparing and presenting reports and recommendations to senior leadership and the board of directors.
  • Ability to align security initiatives with the company's strategic goals and business objectives, and experience in developing and executing security strategies.
  • Ability to develop and enforce robust security policies and procedures that align with organizational goals and objectives.
  • Commitment to ethical behavior and integrity in all aspects of information security governance, risk, and compliance.
  • Strong analytical and problem-solving skills, with the ability to analyze complex issues and propose practical solutions.
  • Ability to adapt to changing business needs and priorities and resilience to handle setbacks and challenges while maintaining a positive approach.
  • Commitment to understanding and meeting the security needs and expectations of customers and experience in building customer trust through transparent security practices.
  • Ability to design and implement a unified security compliance framework to streamline security audits and secure network, system, and application architecture.
  • Experience managing and mentoring a team of information security GRC specialists.
  • Ability to conduct or oversee penetration testing, code reviews, and security assessments.
  • Experience coordinating and responding to security incidents, including investigation, containment, and recovery.
  • Ability to select and implement security tools and technologies to enhance security posture.
  • Experience conducting security audits and reporting to senior management regularly.
  • Ability to stay informed about emerging cybersecurity threats and incorporate threat intelligence into security strategies.
  • Maintaining a solid technical understanding of cybersecurity technologies, protocols, and trends.
  • Perform other duties and responsibilities as required, assigned, or requested. Consensus reserves the right to add or change duties at any time.

You will stand out if you also have...

  • Bachelor's degree in computer science, information technology, cybersecurity, or equivalent experience. A master's degree may be preferred.
  • Typically 6-8 years of experience in cybersecurity and information security roles.
  • Proven experience in security compliance, risk management, and integrating security compliance into software development processes.
  • Proficiency in various cybersecurity technologies and tools, including security training and awareness tools, vendor risk management tools, and security compliance and risk register tools.
  • Hands-on experience with security assessment and security benchmarking testing tools.
  • Familiarity with security information and event management (SIEM) systems.
  • Experience in deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS), specifically within AWS.

Additional details...

  • Location requirements: Fully remote within the U.S. (Los Angeles, Las Vegas or Braintree, Massachusetts preferred.)
  • Travel requirements: Up to 10% travel.
  • Physical requirements: Must be able to sit for long periods, as well as, handle long periods of screen time.
  • Technology requirements: Reliable, high speed internet
  • Eligible for sponsorship: No
  • Security clearance: Ability to achieve and maintain a security clearance with the U.S. Government is required

The salary range for this role is up to $175,000 USD. The total compensation package for this position is negotiable and may also include [annual performance bonus, ESPP, enhanced time off packages and benefits.]


We are not accepting agency submissions for this role.

To learn more about us visit