Security Engineer, GRC

Ivy Rehab
$90K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3-5 years experience in Cybersecurity, focusing on GRC or third-party risk management.
  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or similar.
  • Strong communication, collaboration, and problem-solving skills.
  • Relevant security certifications like CISSP or CISM; GIAC, CISA, CRISC are beneficial.
  • Former NOC/SOC experience is preferred.
  • Deep knowledge of security frameworks such as NIST CSF, HIPAA, and HITRUST.
  • Proficient in analyzing vendor security documentation and using GRC platforms.

Responsibilities

  • Lead the development and enhancement of the internal GRC framework and security architecture.
  • Write, maintain, and enforce security policies and control frameworks throughout the organization.
  • Identify automation opportunities for compliance tracking and risk reporting workflows.
  • Ensure alignment with industry standards and conduct internal/external security assessments.
  • Manage the third-party risk assessment process and evaluate vendor security.
  • Collaborate with legal and procurement to address vendor risks and implement security measures.
  • Oversee the Data Loss Prevention (DLP) solution and manage data exfiltration alerts.
  • Drive the strategy for security awareness training and measure its effectiveness.

Benefits

  • Primarily remote work with selective travel for projects and team building.
  • Opportunity to work within a large organization of 7,500+ employees.
  • Engage with diverse teams across 750+ locations.
  • Involvement in shaping comprehensive security programs.

Full Job Description
State of Location:
New York

Position Summary:

The Security Engineer will manage, scale, and automate our Governance, Risk, and Compliance (GRC) program supporting an organization of 7,500+ teammates across 750+ locations. This role focuses on building security policies, automating compliance workflows, and conducting third-party vendor risk assessments. Additionally, you will provide secondary engineering and analytical support to optimize our MSSP relationship, triage alerts, and refine SOC use cases.
This role is primarily remote, with occasional travel required for projects, collaboration, and team building.

Job Description:

Responsibilities:
  • Lead the design, rollout, and continuous improvement of the internal GRC framework and security architecture.
  • Author, maintain, and help enforce information security policies, procedures, and control frameworks across the business.
  • Identify opportunities to automate compliance tracking, evidence collection, and risk reporting workflows to eliminate manual processes.
  • Ensure organizational alignment with industry standards (e.g., NIST CSF, HIPAA, HITRUST) and facilitate internal or external security assessments.
  • Own the end-to-end third-party risk assessment process; evaluate vendor security postures, SOC 2 reports, and risk profiles prior to onboarding.
  • Partner with legal, procurement, and business stakeholders to communicate vendor risks and negotiate necessary security safeguards.
  • Manage and monitor the Data Loss Prevention (DLP) solution; triage data exfiltration alerts and partner with business units to implement, enforce, and refine data classification schemas.
  • Drive the security awareness training strategy; oversee automated phishing campaigns, measure program effectiveness, and deliver tailored education to mitigate human risk.
  • Provide secondary support to SOC operations by validating alert triage and improving detection logic.
  • Collaborate to improve SIEM/SOC use cases, detection logic, and incident response workflows.


Qualifications:

  • Minimum 3-5 years of experience in Cybersecurity, with a focus on GRC or third-party risk management.
  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field.
  • Excellent communication, collaboration, and problem-solving skills.
  • Relevant security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM).
    • GIAC certifications, Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) are a plus.
  • Former NOC/SOC experience is highly desired.
  • Deep understanding of security frameworks and standards such as NIST CSF, HIPAA, HITRUST.
  • Proven ability to analyze vendor security documentation (SOC 2 Type II, SIG questionnaires, penetration test reports).
  • Experience utilizing GRC platforms (e.g., SmartSuite, Archer, ServiceNow GRC, or similar), low-code/no-code platforms, or scripting to automate security processes and compliance mapping.
  • Excellent communication and collaboration abilities - able to explain complex risk concepts to non-technical stakeholders and work cross-functionally to drive security initiatives.


ivyrehab.com

About Ivy Rehab

Ivy Rehab Careers

There has never been a better time to join the dynamic team at Ivy Rehab—the leading network of therapy providers dedicated to enhancing physical performance and wellness.

Work You’ll Do

Join Ivy Rehab's top-tier team to assist individuals in overcoming physical challenges and achieving personal health goals. At Ivy Rehab, the focus is on leveraging innovation in therapy to transform patient care and wellness practices. Lead in a unique role within the healthcare industry, at the crossroads of clinical expertise, leadership, and innovative health solutions. Engage with a professional team of healthcare specialists to guide patients through their rehabilitation journey. Collaborate with the most skilled therapists and healthcare professionals in the industry, dedicated to advancing physical therapy and patient care.

Introducing the Ivy Rehab Network

The network is expanding its market-leading team to assist more patients and communities in mastering their health and rehabilitation goals with cutting-edge treatments and compassionate care.

Do Innovative Work

Join the largest group of therapy experts—dedicated professionals at the forefront of healthcare innovation and patient-centric solutions.

Drive Innovative Healthcare

Deliver targeted healthcare solutions through a depth and breadth of clinical experience and innovation that’s second to none.

Be Part of a Great Team

Work with a wide-ranging group of therapy technologies and harness the unparalleled capabilities, national scale, and joint solution development of a leading healthcare team.

Future-proof Your Career

Advance as far as your ambition takes you with limitless opportunities to grow your career, supported by unmatched training, development, and certification programs.

The Ivy Rehab Network

The combined service capabilities, national reach, and joint solution development help patients overcome challenges and lead healthier lives. Patients across the nation turn to Ivy Rehab for innovative strategies and healthcare solutions to drive recovery and wellness in the modern healthcare landscape. Bringing together dedicated professionals, Ivy Rehab Network empowers individuals to thrive in their personal health journeys.
