Enterprise Risk Management (ERM) Counsel

⁠​‌‌​​​‌​​​‌‌‌​‌​​​‌‌‌​​​​‌​​‌​‌‌​​‌‌‌​​‌⁠ a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; }

Position Summary

The Enterprise Risk Management (ERM) Counsel plays a critical role in supporting the organization’s efforts to identify, assess, and mitigate legal and operational risks across the enterprise. Reporting to the General Counsel, this position focuses on technology-related risks, data privacy, and compliance, while contributing to the execution of the organization’s comprehensive risk management strategy.

---

Key Responsibilities

• Identify, evaluate, and monitor areas of legal risk and vulnerability across organizational operations, with an emphasis on technology, data, and digital systems
• Provide legal guidance on risk mitigation strategies to reduce exposure and ensure compliance
• Support risk transfer initiatives, including drafting, reviewing, and negotiating contracts—particularly software and technology agreements
• Collaborate with the General Counsel and Chief Compliance Officer on matters related to data privacy, cybersecurity, and artificial intelligence
• Prepare legal analyses, memoranda, reports, and policy recommendations to support compliance with applicable laws and internal standards
• Assist in the development, implementation, and maintenance of enterprise-wide risk management policies and procedures
• Participate in leadership discussions and contribute to the execution of strategic initiatives
• Champion and support organizational priorities related to health equity and inclusive practices
• Perform additional duties as assigned

---

Qualifications

Education & Experience

• Juris Doctor (JD) degree required
• Experience in privacy law, data protection, or technology-related legal matters required
• Familiarity with contract management systems, Microsoft Excel, and PowerPoint preferred

Certifications

• Active Illinois law license required
• HIPAA, CIPP, or other privacy-related certification preferred

---

Knowledge, Skills, and Abilities

• Strong analytical and critical thinking skills with the ability to assess complex legal risks
• Excellent written and verbal communication skills
• Ability to manage multiple priorities and work effectively in a collaborative, cross-functional environment
• Knowledge of regulatory and compliance frameworks related to healthcare, data privacy, cybersecurity, and technology
• Strong attention to detail and sound professional judgment

---

Work Environment & Physical Requirements

• Primarily office-based with moderate noise levels
• Prolonged periods of sitting, typing, and verbal communication
• Occasional walking, standing, and light lifting (up to 25 pounds)

---

Why Join Us

This role offers a unique opportunity to shape enterprise risk strategy within a mission-driven healthcare organization. You will contribute to strengthening compliance, advancing innovation, and supporting equitable care delivery while working alongside a collaborative and purpose-driven team.

⁠​‌‌​‌​​​​‌‌​​​‌‌​‌‌‌​​‌‌​‌​‌‌‌‌‌​​‌‌​​‌​​​‌‌​‌​‌​​‌‌​‌​‌​‌​‌‌‌‌‌​​‌‌​​​‌​​‌‌​‌​​​​‌‌​‌​‌​​‌‌​​‌​​​‌‌‌​​​⁠GIH-healthcaresource-hcs_255_14528⁠​‌‌​‌​​​​‌‌​​​‌‌​‌‌‌​​‌‌​‌​‌‌‌‌‌​​‌‌​​‌​​​‌‌​‌​‌​​‌‌​‌​‌​‌​‌‌‌‌‌​​‌‌​​​‌​​‌‌​‌​​​​‌‌​‌​‌​​‌‌​​‌​​​‌‌‌​​​⁠GIH-combined-hcs_255_14528