
Governance, Risk & Compliance (GRC) Specialist

Work Schedule/Days:  Day / Monday - Friday
Employment Type:  Full-Time
Location:  Support II 
Requisition #:  91139



Children's Healthcare of Atlanta is hiring a Governance, Risk & Compliance (GRC) Specialist to join our team. The GRC Specialist serves as a subject matter expert in analyzing risks, with an understanding of multiple security platforms and layers, including vulnerability management, intrusion detection/prevention, incident response, log correlation and management, operating systems, and identity and access management. Helps manage information security risks to an acceptable level.


  • Bachelor's degree in Computer Sciences, Information Technology, related field, or equivalent experience


  • Certified in Risk and Information Systems Control (CRISC), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Windows Security Administrator (GCWN), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials Certified (GSEC), or Certified Information Systems Security Professional (CISSP)


  • 5 years of experience in any combination of network security protocols/methodologies, information security and information technology controls, National Institute of Standards and Technology and International Organization for Standardization frameworks, security penetration and vulnerability assessments, network/systems administration


  • 2 years of experience in any combination of information technology, computer operations, database management system security
  • Experience in a healthcare setting


  • Strong knowledge of accepted information systems and technology security regulations
  • Solid knowledge of Health Insurance Portability and Accountability Act, Joint Commission, and other information technology security governing bodies
  • Demonstrated knowledge of generally known information technology platforms, standards, and software development language(s)
  • Well-developed organizational, written communication, and analytical skills
  • Strong interpersonal skills to interact positively and productively with teams across organizational lines, including administrative/executive staff and patient care systems users
  • Must be able to function in a dynamic environment subject to impromptu changes in schedules and priorities


  1. Ensures integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies through performance of formal risk assessments, policy and governance, and internal threat analysis.
  2. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external web integrity scans to determine compliance.
  3. Serves as expert on matters related to enterprise network security architecture, design, implementation, and ongoing support for network security devices.
  4. Provides feedback concerning areas for development and accomplishments.
  5. Works closely with Security Architect, network infrastructure team, and business units to provide security planning and technical support.
  6. Develops, updates, and assists in maintaining information security awareness training documentation and materials.
  7. Facilitates training sessions on or about information security and ensures consistent application of company policy and procedure guidelines.
  8. Prepares incident reports of analysis methodology and results and assists with implementation of counter-measures or mitigating controls.
  9. Provides technical expertise for administration of security management tools.
  10. Develops business cases and conducts presentations to senior information technology leadership of proposed security products and studies.
  11. Analyzes and documents information for product and process improvements and analyzes product rejections to create and implement effective corrective and preventive actions.
  12. Works independently or as lead on projects of medium to high complexity.
  13. Maintains current knowledge of relevant technology as assigned.


Safety: Practices proper safety techniques in accordance with hospital and departmental policies and procedures. Responsible for the reporting of employee/patient/visitor injuries or accidents, or other safety issues to the supervisor and in the occurrence notification system.


Compliance: Monitors and ensures compliance with all regulatory requirements, organizational standards, and policies and procedures related to area of responsibility. Identifies potential risk areas within area of responsibility and supports problem resolution process. Maintains records of compliance activities and reports compliance activities to the Compliance Office.


The above statements are intended to describe the general nature and level of work performed by people assigned to this classification.  They are not intended to be an exhaustive list of all job duties performed by the personnel so classified.


Ability to lift up to 15 lbs independently, not to exceed 50 lbs without assistance
Bending/Stooping - Occasionally (activity or condition exists up to 1/3 of time)
Climbing - Not Present
Hearing/Speaking - Effective communication with employees, supervisors/managers and staff. Effective communications with patients and visitors, as required.
Lifting - Occasionally (activity or condition exists up to 1/3 of time)
Pushing/Pulling - Not Present
Sitting - Frequently (activity or condition exists from 1/3 to 2/3 of time)
Standing - Occasionally (activity or condition exists up to 1/3 of time)
Walking - Occasionally (activity or condition exists up to 1/3 of time)


No potential for exposure to blood and body fluids


About Us:

Children’s Healthcare of Atlanta has been 100 percent committed to kids for more than 100 years. A not-for-profit organization, Children’s is dedicated to making kids better today and healthier tomorrow.

With 3 hospitals, 20 neighborhood locations and a total of 673 beds, Children’s is the largest healthcare provider for children in Georgia and one of the largest pediatric clinical care providers in the country. Children’s offers access to more than 60 pediatric specialties and programs and is ranked among the top children’s hospitals in the country by U.S. News & World Report.

Children’s has been recognized as a Fortune 100 Best Place to Work, a Best Place for Working Mothers, and as a top employer for diversity and millennials.  We offer a comprehensive compensation and benefit package that supports our mission, vision and values.  We are proud to offer an array of programs and services to our employees that have distinguished us as a best place to work in the country.  Connect to our mission of making kids better today and healthier tomorrow. 

Have questions about the recruitment process?  Check out What to Expect.

Address:  1575 Northeast Expressway, Bldg 2, Atlanta, GA  30329
Function:  Information Technology - Information Security
