Director, Governance, Risk, and Compliance (GRC)
Governance & Security Risk Strategy
Define and evolve Clover Health’s security governance and risk management strategy, aligning function-level priorities with enterprise objectives and the security roadmap.
Establish a risk-driven approach to governance aligned with:
- HIPAA Security and Privacy Rules
- NIST Cybersecurity Framework (CSF) v2
- NIST AI Risk Management Framework (AI RMF), where applicable
Anticipate security and regulatory risks 12+ months out, using business, product, regulatory, and market signals to inform strategy and tradeoffs.
Ensure security risk decisions are clearly framed, documented, and communicated in business terms for executive and board-level audiences.
Assist the CISO in setting security risk priorities, framing tradeoffs, and communicating risk posture and progress to executive leadership and the Board.
Compliance & Regulatory Leadership
Own Clover Health’s security compliance posture as a public healthcare company, including federal and state regulatory obligations.
Lead security-related audits, assessments, and regulatory inquiries in partnership with Legal, Compliance, Privacy, and Internal Audit.
Drive clarity, consistency, and maturity in security policies, standards, and procedures.
Ensure compliance efforts are proactive, scalable, integrated into how Clover Health builds and operates products, and maintained over time to support ongoing audit readiness and regulatory expectations.
Accountability & Delivery Leadership
Own high-stakes outcomes for the GRC function, ensuring accountability across internal partners and third-party providers.
Set clear success metrics, decision rights, and escalation paths for risk and compliance activities.
Make and communicate tough prioritization calls when business needs, regulatory demands, or risk profiles shift.
Surface high-risk issues early and transparently to the CISO, peers, and senior leaders.
Third-Party Risk Management
Lead Clover Health’s third-party security risk management program end-to-end.
Oversee vendor due diligence, risk assessments, remediation tracking, and ongoing monitoring.
Manage and hold accountable a third-party GRC services vendor, ensuring delivery quality, prioritization, and alignment to Clover’s risk appetite.
Ensure third-party risks are evaluated holistically and escalated appropriately.
Incident, Crisis, and Resilience Governance
Lead governance and coordination for:
- Security incident response (IR)
- Crisis management
- Disaster recovery (DR)
- Business continuity (BC)
Ensure incidents are tracked, analyzed for root cause, reported appropriately, and followed through with corrective actions.
Lead or support enterprise tabletop exercises and simulations.
Balance immediate response needs with long-term system and process improvements.
Cross-Functional Problem Solving & Influence
Lead multi-team, cross-functional problem solving on complex security and compliance issues.
Connect operational issues to systemic root causes and drive sustainable fixes rather than short-term workarounds.
Influence peers and senior leaders through credibility, data, and executive presence—not authority.
Build durable partnerships across Engineering, IT, MA, Legal, Compliance, Privacy, Finance, and Operations.
Culture, Coaching, and Enterprise Presence
Build trust and credibility as a senior Clover leader.
Coach people managers, high-potential ICs, and vendor staff to elevate GRC maturity across the organization.
Model transparency, accountability, and alignment in leadership forums.
Contribute to a culture of thoughtful risk-taking, strong execution, and shared ownership.
Benefits Overview
Financial Well-Being: Competitive base salary and equity opportunities, performance-based bonus program, 401k matching, and regular compensation reviews.
Physical Well-Being: Comprehensive medical, dental, and vision coverage.
Mental Well-Being: Initiatives such as No-Meeting Fridays, monthly company holidays, access to mental health resources, and a generous flexible time-off policy.
Professional Development: Learning programs, mentorship, professional development funding, and regular performance feedback and reviews.
Additional Perks
Employee Stock Purchase Plan (ESPP) offering discounted equity opportunities
Reimbursement for office setup expenses
Monthly cell phone & internet stipend
Remote-first culture, enabling collaboration with global teams
Paid parental leave for all new parents
And much more!
About Clover
We are reinventing health insurance by combining the power of data with human empathy to keep our members healthier. We believe the healthcare system is broken, so we've created custom software and analytics to empower our clinical staff to intervene and provide personalized care to the people who need it most.
We always put our members first, and our success as a team is measured by the quality of life of the people we serve. Those who work at Clover are passionate and mission-driven individuals with diverse areas of expertise, working together to solve the most complicated problem in the world: healthcare.
Diversity & Inclusion have always been key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences, perspectives, opinions, and backgrounds, who share a passion for improving people's lives. Diversity not only includes race and gender identity, but also age, disability status, veteran status, sexual orientation, religion and many other parts of one’s identity. All of our employee’s points of view are key to our success, and inclusion is everyone's responsibility.
Job Alert
Interested in building your career at Clover Health? Get future opportunities sent straight to your email.
Application Instructions
To apply for this job, please click the button below.