Governance Risk & Compliance Manager

Salt Lake City, United States

Healthcare’s helping hand.

CHG shook things up in 1979 by inventing the locum tenens staffing model. We connect doctors with patients who need their care. As the largest physician staffing firm in America, our providers treat millions of patients each year.

Our industry is growing and demand is high. This means you’ll have plenty of opportunities to grow and develop in your career. Keeping healthcare healthy can be as fun as it is rewarding.
The Manager of GRC leads the design, implementation, and continuous improvement of the organization’s Governance, Risk, and Compliance program. Acting as a central liaison between senior leadership, business units, auditors, and regulators, the role ensures that strategic objectives are met while legal, regulatory, and contractual obligations are satisfied. The ideal candidate combines deep knowledge of risk management frameworks with strong communication and project management skills.
Responsibilities
Governance
  • Develop, maintain and socialize enterprise-wide GRC policies, standards and procedures
  • Facilitate cross-functional steering committees; provide regular risk and compliance reporting to executives and the board
  • Align the GRC program with business strategy, ensuring clear accountability across departments
Risk Management
  • Own the full risk management lifecycle: identification, assessment, treatment, monitoring and reporting
  • Maintain the enterprise information security risk register and conduct periodic risk reviews using industry frameworks
  • Lead scenario analyses and business impact assessments (BIA); recommend and track mitigation plans
  • Implement financial loss expectancy models for quantitative risk assessment
Compliance & Audit
  • Manage external audits and assessments (e.g., SOC II) from scoping through remediation
  • Monitor emerging regulatory changes (GDPR, CCPA/CPRA, etc.) and advise stakeholders on required controls
  • Coordinate third-party attestation activities and maintain evidence demonstrating compliance
  • Support the enterprise through unified audit lifecycle management
Policy & Control Framework
  • Map regulatory and contractual requirements to internal controls; oversee control testing, maturity scoring and improvement initiatives
  • Partner with Information Security to integrate technical controls—such as IAM, vulnerability scanning and incident response—into the GRC platform
  • Ensure policies are reviewed, approved and communicated on a defined cadence
Training & Awareness
  • Design and deliver ongoing risk and compliance training for employees, contractors and key vendors
  • Promote a culture of compliance and ethical behavior through targeted campaigns and leadership engagement
Team Leadership & Vendor Management
  • Lead, mentor and develop a team of analysts or specialists; set goals and measure performance
  • Evaluate and manage GRC software tools and third-party risk management solutions
  • Oversee budgets related to compliance initiatives and external consulting support
Qualifications
  • Deep understanding of security control frameworks (SOC II, ISO 27001, NIST)
  • Experience with regulatory compliance requirements (GDPR, CCPA/CPRA)
  • Proficiency with GRC platforms and risk management tools
  • Understanding of technical security controls and their implementation
  • Excellent written and verbal communication skills with ability to translate technical concepts for business audiences
  • Strong project management skills with ability to manage multiple concurrent initiatives
  • Demonstrated ability to influence and build consensus across organizational boundaries
  • Critical thinking and problem-solving capabilities
  • Detail-oriented with strong organizational skills
Education & Experience
  • 5+ years of experience in GRC, risk management, compliance, or information security
  • 2+ years of experience leading or managing audit engagements (SOC II preferred)
  • Experience building GRC programs in healthcare technology or SaaS environments
Preferred
  • Experience in healthcare or healthcare technology industry
  • Experience with enterprise risk management frameworks
  • Track record of successful SOC II Type II implementations
  • Experience managing distributed teams across multiple business units
We believe in fair compensation for all of our people, which is why our pay structure takes into account the cost of labor across U.S. geographic markets. For this position, we offer a pay range of $102,100 - $197,100 annually, with pay varying depending on work location and job-related factors such as knowledge, position level and experience. During the hiring process, your recruiter can provide more information about the specific salary range for the job location.
CHG Healthcare offers starting salaries for sales positions in the form of total target compensation (TTC = base + commission + bonus), which includes base pay, commission, and bonuses. Sales positions receive short-term incentives through commission plans and bonuses. On the other hand, non-sales positions have starting salaries that consist of a base salary and short-term incentives through various bonus plans, which are paid out monthly, quarterly, or annually.
In return we offer:

  • 401(k) retirement plan with company match
  • Traditional healthcare benefits such as medical and dental coverage, and some unique benefits like onsite health centers, corporate wellness programs, and free behavioral health appointments.
  • Flexible work schedules, including work-from-home options
  • Recognition programs with rewards including trips, cash, and paid time off
  • Family-friendly benefits including paid parental leave, fertility coverage, adoption assistance, and marriage counseling
  • Tailored training resources including free LinkedIn learning courses
  • Volunteer time off and employee-driven matching grants
  • Tuition reimbursement programs

CHG Healthcare values a diverse and inclusive workforce. Interested in this role but not a perfect fit? Apply anyway.
We welcome applicants of any race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status and individuals with disabilities as an Affirmative Action/Equal Opportunity Employer. We are an at-will employer.