Director of Governance Risk and Compliance - Fuze Health

LetsGetChecked is a global healthcare solutions company that provides the tools to manage health from home through health testing, virtual care, genetic sequencing, and medication delivery for a wide range of health and wellness conditions. LetsGetChecked's end-to-end model includes manufacturing, logistics, lab analysis, physician support, and prescription fulfillment. Founded in 2015 and co-headquartered in Dublin and Atlanta, LetsGetChecked empowers people to take control of their health and live longer, happier lives.

Role Overview

The Director of GRC will be a pivotal leader responsible for architecting and maintaining a unified security and compliance framework across multiple healthcare entities. Your primary mission is to lead the organization through the rigorous process of achieving and maintaining HITRUST CSF and ISO 27001 & 27799 certifications.

You will bridge the gap between technical security controls and enterprise risk management, ensuring that our data protection strategies align with HIPAA/HITECH requirements and the highest industry standards.

As the Director of Governance, Risk & Compliance you will:

• Report to the Head of Information Security as a key member of the Information Security Team.

• Provide leadership in the pursuit and maintenance of compliance certifications (HITRUST & ISO 27001)

• Framework Ownership: Serve as the primary architect for the HITRUST CSF and ISO 27001 implementation roadmaps.

• Audit Management: Own the relationship with the external assessors, manage the evidence-collection process, and serve as the main point of contact for all certification audits.

• Gap Remediation: Identify control deficiencies and work cross-functionally with IT and Clinical Operations to implement corrective actions.

• Manage multi-entity governance

• Policy Harmonization: Standardize security policies across all business entities while accounting for unique operational requirements for each.

• Committee Leadership: Chair the GRC Steering Committee to report on compliance health, risk posture, and certification progress to leadership.

• Participate in Risk & Privacy Management

• Enterprise Risk Assessment: Conduct regular HIPAA Security Risk Analyses (SRA) and privacy impact assessments as needed and agreed.

• Third-Party Risk Management (TPRM): Oversee the vendor risk management program, defining security standards for all business associates (BAs).

• Manage Compliance Operations

• Continuous Monitoring: Move the organization from "point-in-time" compliance to a continuous monitoring model using GRC automation tools.

• Have the ability to strategically influence to gain buy-in from clinical leaders and department heads who may view compliance as a barrier to workflow.

• Have proficiency in mapping overlapping controls between different frameworks to reduce "audit fatigue."

• Have an exceptional ability to translate complex technical risks into business terms for leadership.

What you need:

• 10+ years in IT/Security GRC, with at least 5 years in a leadership role.

• Comfortable working in a fast-paced environment with excellent communication skills.

• Candidates must have excellent verbal and written communication skills, including experience speaking in public forums and writing / contributing to technical publications.

• Deep understanding of HIPAA, HITECH, and CMS regulations.

• Proven experience leading at least one organization through a full HITRUST (r2) or ISO 27001 certification cycle.

• Bachelor’s degree in IT, Healthcare Administration, or a related field (Master’s preferred).

• Certifications such as CISA, CISM, or CISSP. Highly Desired: CCSFP (HITRUST Practitioner) required.

The base salary range for this role is €85,000 - €95,000.

Closing date for applications 28th February 2026.

Benefits:

Alongside base salary we offer a range of benefits including:

• Health insurance and an Employee Assistance Programme

• Pension

• LetsGetChecked has a flexible annual leave policy

• Annual Compensation Reviews

• 3 paid volunteer days per year

• Free monthly LetsGetChecked tests as we are not only focused on the well being of our patients but also the well being of our teams

• A referral bonus programme to reward you for helping us hire the best talent

• Internal Opportunities and Careers Clinics to help you progress your career within the company

• Maternity, Paternity, Parental and Wedding leave

Why LetsGetChecked

At LetsGetChecked, we are revolutionizing healthcare by making it more accessible, convenient, and personalized. Our mission is to empower individuals with the knowledge and tools they need to manage their health proactively, so they can live longer, happier lives.

By joining our team, you will be part of a dynamic and innovative company that is dedicated to improving lives through cutting-edge technology and compassionate care. We value our employees and invest in their growth, offering opportunities for professional development and career advancement. Together, we can make a meaningful impact on the future of healthcare and help people take control of their health journey. Join us in our commitment to transforming healthcare for the better.

Our Commitment to Diversity, Equity, and Inclusion

At LetsGetChecked, we are committed to fostering an inclusive environment that celebrates diversity in all its forms. We believe that the diversity of thought, background, and experience strengthens our teams and drives innovation. We are an equal-opportunity employer and do not discriminate on the basis of race, ethnicity, religion, color, place of birth, sex, gender identity or expression, sexual orientation, age, marital status, military service status, or disability status. Our goal is to ensure that everyone feels valued and empowered to thrive. Please review our Candidate Privacy Policy.

To learn more about LetsGetChecked and our mission to help people live longer, healthier lives please visit https://www.letsgetchecked.com/careers/