Information Security Analyst, GRC

📋 Description

• Role focused on security governance, risk, and compliance.
• Ensure policies align with HITRUST, SOC2, and related controls.
• Administer risk management program and vendor risk management.
• Work with security and IT teams to integrate controls into operations.
• Manage multiple tasks with attention to detail.
• Support audits and continuous control improvements.

🎯 Requirements

• 2+ years in Information Security, IT Audit, or a GRC role.
• Strong knowledge of HITRUST CSF and SOC2.
• Familiarity with NIST and ISO 27001.
• Excellent written communication for audit artifacts.
• Experience with Jira, Google Workspace, and GRC tools such as Vanta or Drata.
• Vendor management and risk assessment experience.

🎁 Benefits

• Medical, dental and vision insurance
• $4,400 annual HSA contribution
• Paytient Health Payment Account (HPA)
• Five weeks of annual PTO
• Week-long fully paid summer break for all employees
• Ten weeks of bonding leave for new parents