← all jobs

[Remote] Security Engineer, GRC

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. Ivy Rehab Network is a leading organization in physical therapy and rehabilitation services, and they are seeking a Security Engineer to manage and enhance their Governance, Risk, and Compliance (GRC) program. The role involves creating security policies, automating compliance workflows, and conducting vendor risk assessments while supporting a large team across multiple locations.

Responsibilities

  • Lead the design, rollout, and continuous improvement of the internal GRC framework and security architecture
  • Author, maintain, and help enforce information security policies, procedures, and control frameworks across the business
  • Identify opportunities to automate compliance tracking, evidence collection, and risk reporting workflows to eliminate manual processes
  • Ensure organizational alignment with industry standards (e.g., NIST CSF, HIPAA, HITRUST) and facilitate internal or external security assessments
  • Own the end-to-end third-party risk assessment process; evaluate vendor security postures, SOC 2 reports, and risk profiles prior to onboarding
  • Partner with legal, procurement, and business stakeholders to communicate vendor risks and negotiate necessary security safeguards
  • Manage and monitor the Data Loss Prevention (DLP) solution; triage data exfiltration alerts and partner with business units to implement, enforce, and refine data classification schemas
  • Drive the security awareness training strategy; oversee automated phishing campaigns, measure program effectiveness, and deliver tailored education to mitigate human risk
  • Provide secondary support to SOC operations by validating alert triage and improving detection logic
  • Collaborate to improve SIEM/SOC use cases, detection logic, and incident response workflows

Skills

  • Minimum 3-5 years of experience in Cybersecurity, with a focus on GRC or third-party risk management
  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field
  • Excellent communication, collaboration, and problem-solving skills
  • Relevant security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
  • Deep understanding of security frameworks and standards such as NIST CSF, HIPAA, HITRUST
  • Proven ability to analyze vendor security documentation (SOC 2 Type II, SIG questionnaires, penetration test reports)
  • Experience utilizing GRC platforms (e.g., SmartSuite, Archer, ServiceNow GRC, or similar), low-code/no-code platforms, or scripting to automate security processes and compliance mapping
  • Excellent communication and collaboration abilities – able to explain complex risk concepts to non-technical stakeholders and work cross-functionally to drive security initiatives
  • GIAC certifications
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Former NOC/SOC experience

Benefits

  • Eligibility for full benefits package beginning within your first month of employment
  • Generous PTO (Paid Time Off) plans and paid holidays

Company Overview

  • Ivy is a rapidly growing network of best-in-class outpatient physical, occupational, speech and ABA therapy clinics throughout the United States. It was founded in 2003, and is headquartered in Harrison, New York, USA, with a workforce of 5001-10000 employees. Its website is http://www.ivyrehab.com/.
  • Company H1B Sponsorship

  • Ivy Rehab Network has a track record of offering H1B sponsorships, with 1 in 2022, 1 in 2021. Please note that this does not guarantee sponsorship for this specific role.
  • More open positions

    [Remote] Natural Resources Associate Project Manager

    Work from home Full-time role

    [Remote] Member Contact Center Sales Associates (FT & PT)

    Work from home Full-time role

    [Remote] Senior Pharmacy Data Analyst

    Work from home Full-time role

    [Remote] Director, Risk Management - Community Development Finance

    Work from home Full-time role

    [Remote] Supply Chain Project Manager

    Work from home Full-time role

    Laravel PHP Developers required for SaaS on Work from Home basis - Contract to Hire

    Work from home Full-time role

    Fundraising Operations Coordinator-Full Time Remote

    Work from home Full-time role

    Experienced Data Entry Clerk – Remote Opportunity with careerzynith

    Work from home Full-time role

    Dental Lab Technicians/Professionals

    Work from home Full-time role

    Clinical Reviewer - (Remote) | Maximus | Handshake

    Work from home Full-time role

    IQVIA - Per Diem - RN Clinical Nurse Educator

    Work from home Full-time role

    Entry-Level Remote Data Entry Associate – $27/hr – Work‑From‑Home Opportunity with careerzynith – No Experience Required

    Work from home Full-time role

    News Photographer / Editor [Remote]

    Work from home Full-time role

    Senior Strategic Account Executive

    Work from home Full-time role

    Senior Sourcing Associate (IT Procurement)

    Work from home Full-time role

    Clinical Pharmacist Jobs in USA, Remote | Rose International Job

    Work from home Full-time role

    Provider Credentialing Specialist - Virtual Assistant

    Work from home Full-time role

    ShareCare - Backend Engineer (Python)

    Work from home Full-time role

    [Remote] Marketing Producer

    Work from home Full-time role

    Specialist - Advisor - Fixed Term: Academic Advisor Position in Remote Location with Michigan State University

    Work from home Full-time role

    Hiring Now: [Work From Home] Apple At-Home Advisor  No

    Work from home Full-time role