Governance Risk & Compliance Manager

Healthcare's helping hand.

CHG shook things up in 1979 by inventing the locum tenens staffing model.

We connect doctors with patients who need their care.

As the largest physician staffing firm in America, our providers treat millions of patients each year.

Our industry is growing and demand is high.

This means you'll have plenty of opportunities to grow and develop in your career.

Keeping healthcare healthy can be as fun as it is rewarding

The Manager of GRC leads the design, implementation, and continuous improvement of the organization's Governance, Risk, and Compliance program.

Acting as a central liaison between senior leadership, business units, auditors, and regulators, the role ensures that strategic objectives are met while legal, regulatory, and contractual obligations are satisfied.

The ideal candidate combines deep knowledge of risk management frameworks with strong communication and project management skills.

Responsibilities
Governance


* Develop, maintain and socialize enterprise-wide GRC policies, standards and procedures


* Facilitate cross-functional steering committees; provide regular risk and compliance reporting to executives and the board


* Align the GRC program with business strategy, ensuring clear accountability across departments

Risk Management


* Own the full risk management lifecycle: identification, assessment, treatment, monitoring and reporting


* Maintain the enterprise information security risk register and conduct periodic risk reviews using industry frameworks


* Lead scenario analyses and business impact assessments (BIA); recommend and track mitigation plans


* Implement financial loss expectancy models for quantitative risk assessment

Compliance & Audit


* Manage external audits and assessments (e.g., SOC II) from scoping through remediation


* Monitor emerging regulatory changes (GDPR, CCPA/CPRA, etc.) and advise stakeholders on required controls


* Coordinate third-party attestation activities and maintain evidence demonstrating compliance


* Support the enterprise through unified audit lifecycle management

Policy & Control Framework


* Map regulatory and contractual requirements to internal controls; oversee control testing, maturity scoring and improvement initiatives


* Partner with Information Security to integrate technical controls-such as IAM, vulnerability scanning and incident response-into the GRC platform


* Ensure policies are reviewed, approved and communicated on a defined cadence

Training & Awareness


* Design and deliver ongoing risk and compliance training for employees, contractors and key vendors


* Promote a culture of compliance and ethical behavior through targeted campaigns and leadership engagement

Team Leadership & Vendor Management


* Lead, mentor and develop a team of analysts or specialists; set goals and measure performance


* Evaluate and manage GRC software tools and third-party risk managem...