Director IT Governance, Risk and Compliance
Chattanooga, TN, United States
BlueCross BlueShield of Tennessee
The Director of IT Governance, Risk, and Compliance is responsible for overseeing BlueCross BlueShield of Tennessee’s overall technical compliance framework, identifying and mitigating potential risks, and ensuring adherence to relevant laws, regulations, and internal policies across the enterprise. In this role, you’ll develop and implement robust governance structures, manage risk assessments, and monitor compliance activities to maintain a strong ethical and legal posture within the company.
Job Responsibilities
- Developing and managing GRC strategy: Creating a comprehensive GRC program aligned with business objectives, including risk appetite, compliance frameworks, and governance processes.
- Risk assessment and mitigation: Conducting regular risk assessments to identify potential risks across the organization, prioritizing them based on impact and likelihood, and developing mitigation strategies to address them effectively.
- Compliance monitoring and reporting: Implementing systems to monitor compliance with relevant laws, regulations, and internal policies, identifying non-compliance issues, and reporting findings to senior management.
- Policy and procedure development: Creating and maintaining clear policies and procedures related to governance, risk management, and compliance to ensure consistent implementation across the organization. Evaluating the effectiveness of internal controls and recommending improvements to safeguard assets and mitigate risks.
- Vendor risk management: Assessing the compliance posture of third-party vendors and managing potential risks associated with vendor relationships. Leading the response to compliance incidents, including investigations, corrective actions, and reporting.
- Training and awareness: Developing and delivering training programs to educate employees on compliance requirements, ethical conduct, and risk management practices.
Job Qualifications
Education
- Bachelor's Degree or equivalent work experience required. Equivalent experience is defined as 4 years of professional work experience in a corporate environment.
Experience
- 10 years of Governance, Risk and Compliance experience
- 5 years of management experience
Skills/Certifications
- Deep understanding of relevant compliance frameworks like HIPAA, NIST, and industry-specific regulations.
- Strong analytical and problem-solving skills to identify and address potential risks
- Excellent communication and interpersonal skills to collaborate with diverse stakeholders
- Proven leadership experience in managing complex compliance initiatives
- Experience with technical risk assessment methodologies and data analysis
- Expertise in internal controls and audit procedures
- Project management skills to execute GRC initiatives efficiently
- CISA or CISM or CIPP or CISSP is required
BBOF, Grade 14, Incentive T50220 - EX/CAP Grade 14
Number of Openings Available: 1
Worker Type: Employee
Company: BCBST BlueCross BlueShield of Tennessee, Inc.
Applying for this job indicates your acknowledgement and understanding of the following statements:
BCBST will recruit, hire, train and promote individuals in all job classifications without regard to race, religion, color, age, sex, national origin, citizenship, pregnancy, veteran status, sexual orientation, physical or mental disability, gender identity, or any other characteristic protected by applicable law.
Further information regarding BCBST's EEO Policies/Notices may be found by reviewing the following page:
BlueCross BlueShield of Tennessee is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at BlueCross BlueShield of Tennessee via e-mail, the Internet or any other method without a valid, written Direct Placement Agreement in place for this position from BlueCross BlueShield of Tennessee HR/Talent Acquisition will not be considered. No fee will be paid in the event the applicant is hired by BlueCross BlueShield of Tennessee as a result of the referral or through other means.
Tobacco-Free Hiring Statement
To further our mission of peace of mind through better health, effective 2017, BlueCross BlueShield of Tennessee and its subsidiaries no longer hire individuals who use tobacco or nicotine products (including but not limited to cigarettes, cigars, pipe tobacco, snuff, chewing tobacco, gum, patch, lozenges and electronic or smokeless cigarettes) in any form in Tennessee and where state law permits. A tobacco- or nicotine-free hiring practice is part of an effort to combat serious diseases, as well as to promote health and wellness for our employees and our community. All offers of employment will be contingent upon passing a background check which includes an illegal drug and tobacco/nicotine test. An individual whose post-offer screening result is positive for illegal drugs or tobacco/nicotine and/or whose background check is verified to be unsatisfactory will be disqualified from employment, the job offer will be withdrawn, and they may be disqualified from applying for employment for six (6) months from the date of the post-offer screening results.
Resources to help individuals discontinue the use of tobacco/nicotine products include smokefree.gov or 1-800-QUIT-NOW.