Job Description
The IT Risk Manager role at Lets Get Checked is a unique opportunity to drive the continuous improvement of the company's privacy, security, engineering, and AI programs, ensuring adherence to industry standard frameworks and regulatory requirements.
Lets Get Checked is a global healthcare solutions company that empowers people to take control of their health and live longer, happier lives. As a rapidly growing company, we are revolutionizing healthcare by making it more accessible, convenient, and personalized.
The IT Risk Manager will be responsible for supporting the SVP of Data Compliance and Privacy and SVP of Information Security in the continual assessment and enhancement of the company's security and privacy control framework and policies. Key responsibilities include:
- Conducting formally documented audits of Information Security and Data Protection related domains, summarizing findings and risks, and working with leadership to communicate and implement remediation plans.
- Supporting Legal, Compliance, Information Security, and the wider business in performing due diligence and contracting with new third parties.
- Assessing third-party vendors' privacy and security controls and standards, and coordinating across the business to communicate and remediate risks associated with new third-party relationships.
- Supporting in other compliance audit activities, such as responding to customer requests regarding the company's security program, or working closely with the DPO to document personal data processing activities as part of the GDPR and HIPAA compliance programs.
The ideal candidate will have a proven track record in internal and/or external IT risk or audit functions related to information security and privacy, as well as a strong familiarity with computer security systems and related industry standards.
Key qualifications include:
- Minimum 3 years of experience in performing privacy and security audits against established control frameworks.
- Strong familiarity with computer security systems and related industry standards for privacy and security, such as HITRUST, ISO27 series, NIST, SOX or SOC2 requirements.
- Experience in third-party risk management or client-facing security, privacy, or audit advisory roles.
- Ability to handle confidential information.
- Ethical, with the ability to remain tactful, impartial, and escalate all instances of non-compliance through established reporting channels.
Additional skills and certifications include:
- Security or IT Audit certifications such as CISSP, CIPM, CISA, or CRISC.
- Privacy certifications such as CIPP/US, CIPP/E, CIPM, CIPT, or AIGP.
- Educational or professional background in Information Management, Security, Computer Science, IT Audit, or similar.
The base salary range for this role is €70,000 - €85,000. Benefits include health insurance, pension, flexible annual leave policy, annual compensation reviews, paid volunteer days, free monthly Lets Get Checked tests, referral bonus program, internal opportunities, and careers clinics.
At Lets Get Checked, we are committed to fostering an inclusive environment that celebrates diversity in all its forms. We believe that the diversity of thought, background, and experience strengthens our teams and drives innovation.