Senior IT GRC Advisor
Community Care of North Carolina
From the mountains to the coast, from large cities to small towns, Community Care of North Carolina (CCNC) is transforming health care. Informed by statewide data and predictive analytics, community‑based care‑managers work with local physicians and diverse teams of health professionals to develop whole‑person plans of care that connect people to the right local resources and increase equity and access to high‑quality care. CCNC Mission Statement To improve the health and quality of life for all North Carolinians by building better community‑based healthcare delivery systems. Position Summary The Senior IT GRC Advisor is responsible for leading and maturing CCNC’s enterprise IT governance, risk, and compliance program. This role serves as a senior advisor to leadership and works in alignment with IT security and IT leadership on IT risk, cybersecurity governance, internal controls, regulatory obligations, and audit readiness, while maintaining practical, business‑aligned processes that strengthen the control environment across infrastructure, applications, cloud platforms, vendors, data protection, and strategic technology initiatives. The Senior IT GRC Advisor is accountable for the development, implementation, and continuous improvement of IT GRC methodologies, policies, standards, risk assessments, issue management, reporting, and advisory services that support secure and compliant operations. Essential Functions Lead the enterprise IT GRC program, including governance structures, risk management processes, policy oversight, control framework alignment, and reporting on program effectiveness to leadership. Demonstrate strong critical thinking and professional skepticism to assess control design and operating effectiveness, analyze requirements, data, and processes in context, and provide defensible, risk‑based recommendations to management. Plan, lead, and execute IT risk assessments, audits, and advisory engagements across infrastructure, applications, cloud services, cybersecurity processes, data protection controls, and enterprise technology initiatives. Develop, maintain, and mature the IT risk register and issue management process, including documenting risks, assigning ownership, tracking remediation plans, validating closure, and reporting residual risk and trends to leadership. Establish and maintain GRC metrics, dashboards, KPIs, and KRIs to provide leadership with meaningful visibility into control effectiveness, audit readiness, remediation status, and emerging risk trends. Collaborate with IT, Security, Privacy, Legal, Compliance, Internal Audit, and business stakeholders to strengthen internal controls and implement sustainable corrective and preventive actions. Advise on large‑scale enterprise projects, system implementations, and technology changes by embedding risk, compliance, control, and governance requirements throughout the project and system lifecycle. Lead third‑party and vendor risk management activities, including due diligence, control reviews, evidence evaluation, contract and security requirement alignment, ongoing monitoring, and escalation of material risks. Assess third‑party controls, including SOC reports, HITRUST certifications, penetration testing results, policy documentation, and other independent assurance artifacts to evaluate control design and operating effectiveness. Conduct cloud and SaaS compliance assessments across platforms such as AWS and Azure, with emphasis on shared responsibility, configuration governance, access management, identity governance, and evidence‑based validation of security controls. Evaluate identity and access management controls, including privileged access management, role‑based access control, user provisioning and deprovisioning, and workforce access appropriateness. Support the organization’s preparedness for internal and external audits, regulatory reviews, and control assessments by coordinating evidence, validating remediation, and improving documentation quality and audit readiness. Assess IT and security policies, standards, procedures, and governance artifacts for alignment to recognized frameworks and regulatory expectations. Provide risk‑based and business‑centric recommendations to address gaps. Develop and facilitate workforce education and awareness programs related to security, privacy, compliance, and internal controls, with a focus on practical risk ownership and control accountability. Coordinate with operational and technical teams to evaluate incident response, disaster recovery, and business continuity control design and testing from a GRC perspective. Support responsible AI governance and AI assurance efforts by assessing governance structures, usage controls, risk mitigation approaches, and emerging compliance expectations related to AI‑enabled tools and processes. Develop and maintain GRC methodologies, templates, repositories, internal sites, and reporting artifacts that improve consistency, efficiency, and program maturity. Fulfill other GRC responsibilities as assigned by management. Qualifications Bachelor’s degree in information technology, cybersecurity, information systems, accounting, audit, risk management, or a related field. Minimum of 7 years of progressive experience in IT audit, IT risk management, cybersecurity compliance, or GRC program leadership. Demonstrated experience planning and leading complex IT audit, risk assessment, or advisory engagements. Experience developing or maturing GRC programs, frameworks, policies, risk registers, metrics, or issue management processes. Experience assessing third‑party and vendor risk and reviewing assurance artifacts such as SOC reports, penetration tests, and security certifications. Experience conducting cloud risk or compliance assessments in AWS, Azure, or similar environments. Certifications One or more of the following certifications is required: CISA, CISSP, CISM, CRISC, CGEIT, CDPSE, or equivalent. Preferred Working knowledge of the HIPAA Security Rule and recognized security practices relevant to safeguarding ePHI. Experience with AI governance, AI risk assessments, or AI assurance reviews. Experience in continuous controls monitoring, executive reporting, and program maturity improvement. Experience in healthcare, regulated environments, or privacy and security compliance programs preferred. Knowledge, Skills, and Abilities Knowledge of enterprise IT governance, risk management, and compliance principles. Knowledge of IT general controls, internal control frameworks, and audit methodologies. Knowledge of cybersecurity concepts, including identity and access management, vulnerability management, incident response, disaster recovery, business continuity, and cloud security. Knowledge of healthcare security and privacy requirements, including HIPAA Security Rule concepts. Knowledge of third‑party and vendor risk management practices, including review of SOC reports, security questionnaires, and other assurance documentation. Knowledge of policy, standards, and procedure development to support a strong internal control environment. Knowledge of issue management, remediation tracking, and continuous improvement practices. Knowledge of recognized frameworks and standards such as NIST CSF, NIST 800‑53, COBIT, ISO 27001, PCI DSS, and HITRUST. Skill in leading IT risk assessments, audits, and advisory engagements. Skill in evaluating control design and operating effectiveness and identifying gaps and remediation priorities. Skill in developing and maintaining risk registers, issue logs, corrective action plans, and supporting documentation. Skill in reviewing vendor documentation and assurance artifacts such as SOC reports, penetration test results, certifications, and policy evidence. Skill in drafting and revising policies, standards, and procedures. Skill in preparing dashboards, executive reports, KPIs, KRIs, and risk summaries. Skill in facilitating interviews, walkthroughs, stakeholder meetings, and remediation follow‑up discussions. Skill in assessing cloud, access management, and identity governance controls. Skill in communicating clearly in writing and verbally with technical and non‑technical audiences. Ability to analyze complex information, processes, and control environments. Ability to exercise sound judgment and professional skepticism. Ability to develop practical, risk‑based recommendations. Ability to influence and collaborate with leaders and cross‑functional stakeholders. Ability to manage multiple priorities with minimal supervision. Ability to translate technical and regulatory requirements into business‑friendly guidance. Ability to support audit readiness and continuous improvement efforts. Ability to identify emerging risks involving third parties, cloud environments, data protection, and AI‑related governance. Ability to maintain confidentiality when handling sensitive organizational, compliance, and security information. Working Conditions Routinely there may be some minor physical inconveniences or discomforts in the work setting, including sitting for moderate periods of time. Must be able to utilize office equipment, computer, keyboard, and phone with or without assistive devices. Repetitive wrist motion and occasional lifting/carrying of up to 25 pounds. Why Join Us Make a meaningful impact on youth and families across North Carolina. Work with a supportive and collaborative care team. Competitive benefits package effective first day of employment. Opportunities for growth, training, and bonus incentives. Ready to improve the health and quality of life of all North Carolinians by building and supporting better community‑based health care delivery systems? Apply today and join us in delivering compassionate care that makes a difference. #J-18808-Ljbffr Community Care of North Carolina
$41.45 - $59.58 per hour
...line. This role involves project management, requirements definition, systems design, and vendor coordination to enhance health system IT. The ideal candidate has a Bachelor's degree in Computer Science and four years experience in IT systems. This position offers remote...SeniorHourly payRemote work- ...technology that improves the quality of mobility in communities around the world. Clever Devices is growing and in turn is seeking a Senior Embedded Systems Engineer to join our Technology and Communications department. In this position, the Sr Embedded Systems Engineer...SeniorWorldwide
$80k - $200k
Veeva Systems, Inc. is seeking experienced consultants for a remote customer-facing position focused on implementing next-generation CRM technology tailored for the Life Sciences industry. The role involves leading process discovery workshops, managing application deployment...SeniorRemote workFlexible hours- A technology consulting company based in Morrisville, NC is seeking an experienced MS Teams Administrator with expertise in Enterprise Voice. The role involves conducting requirements studies and designing solutions for MS Teams, as well as implementation and support. Ideal...SeniorRemote work
- A technology leader is seeking an experienced individual for a remote role focused on advanced packaging and 3DIC analysis. Candidates must have extensive knowledge of signal and power integrity, along with at least 15 years in related fields. The ideal candidate will demonstrate...SeniorRemote work
- Overview Garmin Int’l Inc. seeks Senior ERP Application Analyst (Cary, NC; Multiple Positions): Gathers and documents detailed requirements... .... Understands business impacts of issues as they relate to IT owned solutions. Provides reliable solutions to a wide range of difficult...Senior
$102.5k - $187.9k
...engagements and solutions that will bring our clients’ vision and strategy to life. Join our dynamic team as a Technology Analysis Senior, where you will bridge the gap between business needs and technical solutions. You'll be instrumental in analyzing business models...SeniorSummer holidayFlexible hours$102.5k - $187.9k
...engagements and solutions that will bring our clients’ vision and strategy to life. Join our dynamic team as a Technology Analysis Senior, where you will bridge the gap between business needs and technical solutions. You'll be instrumental in analyzing business models...SeniorSummer holidayFlexible hours$100k - $150k
Appian is seeking a candidate in Raleigh, NC to develop custom software and AI solutions for commercial clients. The role requires a strong background in software development, technical consulting, and AI integration. Qualified candidates will have a B.S./B.A. and 3+ years...SeniorFlexible hours- ...Corp in Morrisville, North Carolina is seeking a Software Quality Analyst to implement quality assurance methodologies for enterprise IT environments. Responsibilities include collaborating with stakeholders, developing test strategies, and ensuring compliance with QA...Senior
- Metabolo, based in Morrisville, NC, is seeking a Principal Software Development Engineer. This full-stack role demands expertise in back-end and front-end technologies to create impactful solutions. You will guide teams in the design, architecture, and deployment of critical...Senior
$77k - $202k
...Senior Associate A career in our Microsoft Dynamics team will provide the opportunity to help our clients transform their technology... ...the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies...Senior- BetaNXT Inc is seeking a Senior Specialist, Scrum Master to support our application development teams. This role focuses on facilitating agile processes, leading team sprints, and ensuring effective delivery practices. The ideal candidate will have over 5 years of Scrum...Senior
$118.02k - $180.31k
Sargent Lundy in Cary, North Carolina, is seeking a Mechanical Analysis Engineer with over 10 years' experience in the nuclear power industry. The role involves developing licensing basis evaluations for nuclear uprates, utilizing strong skills in thermodynamics and fluid...SeniorWork at office3 days per week- ABB is seeking an experienced Scrum Master in Cary, North Carolina. The role involves guiding Agile teams, ensuring adherence to Scrum practices, and elevating team performance through facilitation and coaching. You will collaborate closely with Product Owners to manage...Senior
$163.4k - $219.1k
...behind personalization, commerce, lifecycle, and identity. Job Summary The DEEP & Technology team is seeking a highly experienced Senior Manager (M3) to lead and scale our Quality Engineering organization supporting the Disney Media Player and its performance and functionality...SeniorWork experience placement- ABB is seeking a candidate to oversee technical training and development for Services North America from their Cary, NC location. The role empowers you to lead training initiatives and support development of training materials. A successful candidate will have at least ...Senior
- A leading tech company in Cary, NC, is seeking a Product Analyst III to analyze business needs and provide technology solutions. The role requires 4-6 years of experience in business analysis with a strong emphasis on Agile methodologies. Responsibilities include conducting...SeniorRemote work
$105k - $154k
Eaton is seeking a Lead Embedded Software Engineer in Raleigh, NC, to develop, test, and release embedded software for new product development. This hybrid position entails 3 days in-office and 2 days remote. The expected annual salary range is $105,000 to $154,000 based...SeniorWork at officeRemote work- Marsh in Cary, NC is seeking a Lead IT Delivery Manager responsible for leading product delivery and implementation in agile methodologies. This role demands strong project management skills and requires a Bachelor’s degree along with ten years of relevant experience....SeniorFlexible hours
- A leading technology firm in North Carolina is looking for a Senior Embedded Systems Engineer to develop cutting-edge Radio and Wireless Technology products. The ideal candidate will have over 10 years of experience in embedded systems development, proficiency in multiple...Senior
$140k - $200k
Clutch Canada is on the lookout for a Senior Android Engineer to join their fast-growing team in Cary, North Carolina. In this pivotal role, you'll own major features of our widely-used text-to-speech app while collaborating with product, design, and engineering teams...Senior$102.17k - $178.78k
...Trinnex in Raleigh, NC, seeks a Senior Cyber Security Analyst to safeguard software systems essential for water utilities. You will embed security into the software development lifecycle and manage vulnerabilities while collaborating with engineering teams. The ideal...Senior- Railinc Corp. is seeking a Project Development Manager to oversee project deliverables and ensure timely execution. The role involves coordinating with product managers, leading technical teams, and adhering to Agile methodologies. The ideal candidate will have over seven...Senior
- Jacobs is looking for a Digital Delivery Coordinator to assist in designing and executing high-impact data center projects. This position involves collaboration with project teams for seamless digital integration across all phases of construction. The ideal candidate will...Senior
- Job Title Hybrid: Raleigh/Durham, NC or Westlake, TX Top Skills Some awareness of Java and cloud technical documentation skills (systems and application requirements and flow) Exposure to Automation Tools/Frameworks (Mocha, Jasmine, Selenium, Protractor)...Senior
- ...Summary Provides technical support (development, testing, integration and implementation) of applications and interfaces which deliver IT tools and support business functions across the health system. Preferred Qualifications Cadence Certification and Decision Tree...
- Mary Square, LLC in Apex, North Carolina is looking for a skilled Technical Designer to support our apparel design team. The role requires expertise in fit and construction, ensuring our products meet quality standards from concept to production. As the fit expert, you ...Senior
$95.84k - $147.87k
Description Our electric power generation clients are seeking to increase the power output of their existing power plants to meet the electric demands. This is expanding work in the Mechanical Analysis Engineering group. You will work on major systems, equipment, and plant...SeniorFlexible hours3 days per week- ...Accentuate Staffing is working with a well-established financial services organization seeking a Senior IT Auditor to join its internal audit team. This role plays a vital part in evaluating IT controls, cybersecurity practices, and compliance with financial regulations...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior IT GRC Advisor. Be the first to apply!
- senior game producer Cary, NC
- senior robotics software engineer Cary, NC
- senior java software engineer Cary, NC
- senior electrical designer Cary, NC
- senior director clinical development Cary, NC
- senior consulting engineer Cary, NC
- senior dynamics crm developer Cary, NC
- senior application security Cary, NC
- senior inventory accountant Cary, NC
- senior accountant part time Cary, NC

