Most Loved Workplace® Certified JobSenior/Staff TPM, Security Risk
Most Loved Workplace® Certified JobAbout the Role
At Grow Therapy, a Most Loved Workplace® certified employer in the Hospital & Health Care space, Empowering providers, connecting clients, transforming mental healthcare access.
Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for accessibility is more important than ever. To make our vision for mental healthcare a reality, we’re building a team of entrepreneurs and mission-driven go-getters. Since launching in February 2021, we’ve empowered more than ten thousand therapists and hundreds of thousands of clients across the country and insurance landscape. We’ve raised more than $328Mm in funding, including our Series D, at a $3B valuation from Sequoia Capital, Transformation Capital, TCV, SignalFire, Menlo Ventures, Goldman Sachs Alternatives, and others. The Opportunity We are looking for a Security Risk Program Manager to take Grow Therapy's security risk program to the next level of maturity. Reporting directly to the Head of Security, you'll be part of a team focused on protecting Grow's patients, providers, employees, and business by embedding risk awareness into everyday decision-making. Your work will directly support Grow's mission to expand access to high-quality mental healthcare—safely, responsibly, and at scale. Your responsibilities will include building and maturing our enterprise risk management framework, driving audit readiness, shaping executive risk reporting, and partnering closely with teams across Legal, Compliance, Engineering, and Product. What You'll Be Doing Build and mature Grow's enterprise security risk management program , including risk identification, assessment, prioritization, remediation tracking, and maintaining a comprehensive risk register that informs business decisions. Lead the charge on AI risk management: Security sits within Grow’s Internal Foundations pillar, which is building company-wide infrastructure to support AI adoption. You’ll be in an incredible position to influence safe and thoughtful adoption of AI tooling at the enterprise level. Own the third-party/vendor security risk management program , streamlining review workflows to support business velocity while ensuring robust security oversight of partners and vendors. Drive audit readiness and external certifications (SOC 2, HIPAA-aligned assessments, HITRUST readiness) in close partnership with Legal and Compliance, reducing repeat findings and improving remediation timelines. Develop and deliver executive-level risk reporting and readouts that translate technical and security risks into clear business impact, enabling leadership to make informed, risk-aware tradeoffs as Grow Therapy scales. Partner proactively across Security Engineering, Product, Engineering, and Operations to embed security and risk awareness into planning and decision-making cycles—positioning security as a strategic enabler rather than a gatekeeper. You'll Be a Good Fit If You have deep experience building and operating security or enterprise risk management programs (not just managing projects) and a strong bias toward execution in fast-paced environments. You bring strong knowledge of healthcare security, privacy, and compliance frameworks (HIPAA, SOC 2, HITRUST) and can navigate regulatory obligations without sacrificing speed or innovation. You have exceptional stakeholder management and communication skills , including a track record of influencing senior leaders and translating complex risk concepts into actionable business guidance. You are a strong program manager with a structured approach to prioritization, documentation, and cross-functional alignment. Bonus: Experience scaling risk programs at high-growth or pre-IPO tech companies, prior ownership of vendor risk programs, or familiarity with GRC tooling and automation. Employment Type: Full Time, Exempt Base Compensation: The base compensation range for this position is $152,000–$189,750 USD Annually. The base compensation for this role will vary depending on several factors, including relevant experience, qualifications, and the candidate's working location. Location: This is a hybrid role with the expectation to work onsite from our NYC or San Francisco hub locations three days per week (Tuesday, Wednesday, and Thursday) and travel 2–3 times per year (e.g., company and department offsites). Full Time Employee Benefits: Comprehensive Health Coverage: Medical, dental, and vision insurance, plus life and disability coverage. Parental Leave & Family Support: Up to 18 weeks paid leave and a new child stipend. Financial Wellness: 401(k) program and equity opportunities. Meals & Home Office Support: Stipends for home office setup and ongoing funds for meals, with tailored perks for both remote and in-office employees. Time Off to Recharge: Flexible PTO, 12 paid holidays, and a full winter break week. Wellness & Development: Annual stipends to put towards personal & professional growth. Mental & Physical Health Support: No-cost access to therapy through the Grow platform, weekly flexible hours for self-care (“Mental Health Mornings/Afternoons”) and memberships to leading wellness apps (such as One Medical, Headspace, and Talkspace). Extra Perks: Pet insurance discounts, commuter benefits, and global travel assistance. Research shows that some groups hesitate to apply unless they meet every qualification. If you’re excited about this role but don’t check every box, we encourage you to apply. At Grow, we value diverse experiences, transferable skills, and the unique strengths each person brings. Grow Therapy is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Use of AI Tools: We use certain AI and automated tools to support recruitment. These tools help our team review applications, organize interviews, detect potential application integrity issues, and maintain interview records; they do not make final hiring decisions. Application Review: Ashby's AI-Assisted Application Review helps review application materials against role-specific criteria and may flag potential fraud or integrity issues for recruiter review. All advancement decisions are made by our human recruiting team after independent review. See Ashby's AI Bias Audit Report . Interview Recording: We use BrightHire to record interviews, supporting note-taking and consistency across candidates. Learn more . Interviews are confidential; you may ask your interviewer to stop recording anytime, or opt out in advance . Choosing not to be recorded will not, by itself, affect your candidacy. AI-Assisted Recruiter Screen: For select roles, BrightHire's AI features may help structure initial recruiter screens and organize interview notes. All responses are reviewed by our recruiting team; no hiring decisions are made by AI alone. State-specific notices: Depending on your location, you may have additional rights. Illinois: If AI analyzes a video interview, we'll provide notice, explain how it works and what it evaluates, and obtain consent beforehand. New York City: Where required, we'll provide at least 10 business days’ notice before using an automated employment decision tool and explain how to request an alternative process. Maryland: We do not use facial recognition to create facial templates during interviews unless required notice and written consent are obtained. Questions, accommodation requests, requests for an alternative selection process, objections to recording, or concerns about AI use? Contact talentops@growtherapy.com. We’re happy to help or offer an alternative way to participate.
Want to learn more about what it's like to work at Grow Therapy? View our full profile.
Prefer to apply on the company's career site?
View Original Posting
Why This Is a Most Loved Workplace® Certified Job
What It's Like to Work Here
Frequently Asked Questions About Working at Grow Therapy
Common questions candidates ask about this role and Grow Therapy's workplace
Apply for Senior/Staff TPM, Security Risk
Submit your application directly to the Grow Therapy team. Let them know why you'd be a great addition to their loved place to work.

