Senior GRC Analyst

Job Summary

To enhance the compliance program and serve as the security interface for customers, the full-time remote Senior GRC Analyst will evaluate risks, conduct internal reviews, and respond to customer security questionnaires while leveraging AI and automation for improved efficiency.

Key responsibilities

• Evaluate organizational policies and standards to ensure compliance with external and internal requirements
• Develop improvements to the compliance program, utilizing AI and automation for process optimization
• Review security-relevant language in customer contracts and provide recommendations to the Legal and GRC teams

Required qualifications

• Bachelor's degree in information security, computer science, or a related field, or equivalent experience
• 5+ years of experience in information security with a focus on compliance, audit, or risk management
• Direct experience with security frameworks and certifications such as NIST SP 800-53, HITRUST, HIPAA, and/or FedRAMP
• Experience responding to customer security questionnaires and supporting security due diligence activities
• Familiarity with healthcare data protection requirements, particularly HIPAA