Risk and Compliance Lead

Posted 4 Days Ago
Chicago, IL, USA
In-Office
Senior level
Healthtech • Software
The Role
Lead GovRAMP/TX-RAMP authorization and continuous monitoring: author and maintain SSPs, map SOC 2/HIPAA to NIST controls, manage POA&M and ConMon deliverables, coordinate remediation and 3PAO interactions, and liaise with GovRAMP PMO and state authorizing officials across cross-functional teams.
Summary Generated by Built In

RLDatix is on a mission to transform care delivery worldwide, ensuring every patient receives the safest, highest-quality care. Through our innovative Healthcare Operations Platform, we're connecting data to unlock trusted insights that enable improved decision-making and help deliver safer healthcare for all.

Job Description

RLDatix (RLD) is on a mission to help raise the standard of care…everywhere. Trusted by over 10,000 healthcare organizations around the world, our solutions help improve health and care. Our applications ensure that patients receive the best and safest care while supporting the providers who deliver it.

Joining TeamRLD means being part of a global effort of over 2,000 team members in making a difference in healthcare…every day.

We're searching for a US-based GovRAMP/TX-RAMP Risk & Compliance Officer to join our Information Security – Risk & Compliance team, so that we can unlock US state and local government healthcare market opportunities through GovRAMP and TX-RAMP authorization. The GovRAMP/TX-RAMP Risk & Compliance Officer will serve as the dedicated compliance delivery lead for our 18-month authorization program and its ongoing continuous monitoring lifecycle, acting as the primary compliance interface to the GovRAMP PMO, third-party assessors, and US state agency authorizing officials.

How You'll Spend Your Time

  • Author and maintain System Security Plans (SSPs) for GovRAMP Core (60 controls) and Moderate (394 controls) using NIST SP 800-53 Rev 5 baseline to achieve authorization milestones
  • Map existing SOC 2 Type II and HIPAA evidence to NIST control families in order to identify gaps and coordinate collection across Engineering, HR, Facilities, Legal, and SecOps
  • Own the Plan of Action & Milestones (POA&M) from Phase 2 to track 3PAO findings, coordinate remediation, and provide monthly updates to the CISO for sign-off
  • Produce monthly Continuous Monitoring (ConMon) deliverables including vulnerability scan reports, POA&M updates, and significant change notifications in order to meet GovRAMP PMO requirements
  • Cross-train with the NAM Risk & Compliance Officer on SOC 2 Type II and HIPAA delivery to provide mutual holiday/sickness cover and strengthen team resilience

What Kind of Things We're Most Interested in You Having

  • 5+ years' experience in security compliance or GRC roles within CSPs, SaaS vendors, or consulting firms supporting GovRAMP/FedRAMP/StateRAMP authorizations
  • Proven success delivering at least one full GovRAMP, FedRAMP, or StateRAMP authorization (SSP through ATO and ongoing ConMon)
  • In-depth knowledge of how to map SOC 2, HIPAA, and ISO 27001 to NIST SP 800-53 Rev 5 control families and author SSPs in OSCAL format or the legacy template
  • Ability to work US business hours from a US location for real-time collaboration with the GovRAMP PMO, 3PAO, and state agency officials
  • Sincere interest in enabling US state and local healthcare agencies to adopt patient safety solutions
  • A knack for working collaboratively within a cross-functional, remote-first environment
  • One of the following professional certifications: CISSP, CISA, CRISC, CCSP, or CAP (CAP preferred)

By enabling flexibility in how we work and prioritizing employee wellness, we empower our team to do and be their best. Our benefits package includes health, dental, vision, life, disability insurance, 401K, paid time off, and paid holidays.
RLDatix is an equal opportunity employer, and our employment decisions are made without regard to race, color, religion, age, gender, national origin, disability, handicap, marital status or any other status or condition protected by Federal and/or State laws.

As part of RLDatix's commitment to the inclusion of all qualified individuals, we ensure that persons with disabilities are provided reasonable accommodation in the job application and interview process. If reasonable accommodation is needed to participate in either step, please don't hesitate to send a note to [email protected].

Salary offers are based on a wide range of factors including location, relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also taken into consideration.

The Company
HQ: Chicago, IL
1,535 Employees
Year Founded: 2018

What We Do

At RLDatix, we believe that what flows through our software is more than bits and bytes — it’s human lives. This is our mantra, our mindset, our passion and our purpose. We deliver comprehensive healthcare software solutions designed to raise the standard of care for patients, providers and healthcare organizations around the world.

What sets us apart:

  • 🌎 Global reach, local impact — We serve over 10,000 organizations across 30+ countries.
  • 💙 Culture of purpose — Our team is united by the conviction that healthcare work is a privilege.
  • 🤝 Partnership mindset — We see ourselves as more than a vendor; we strive to be a trusted ally in improving patient safety and care.
  • 💡 Innovation-driven — We continuously evolve our platform to help our customers stay ahead in compliance, safety, outcomes and efficiency.

Join us as we continue to empower healthcare systems to do more — for their patients, staff and communities.