Design, implement, and maintain robust governance, risk, and compliance processes, ensuring adherence to healthcare security standards including HIPAA, HITRUST, and SOC2.
Collaborate cross-functionally with various teams to align GRC solutions with organizational security requirements, facilitating compliant and efficient operations across the enterprise.
Drive impactful compliance outcomes that directly strengthen our regulatory posture and support our critical security attestation initiatives.
Your ability to partner effectively across teams will be crucial in this role as we continue to mature our GRC capabilities.

BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field.
2+ years combined experience as a security or GRC professional in an enterprise environment (preferably healthcare or highly regulated industry).
Experience in Governance, Risk, and Compliance functions, including hands-on experience with GRC frameworks (SOC2, HIPAA, HITRUST, NIST).

Flexible work schedules and the ability to work remotely are available for many roles
Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
Robust time-off plan (21 days of PTO in your first year)
Two paid volunteer days and 11 paid holidays
12 weeks paid parental leave for all new parents
Six weeks paid sabbatical after six years of service
Educational Assistant Program and Clinical Employee Reimbursement Program
401(k) with up to 4% match
Stock options
And much more!

Security Engineer II, GRC

Key skills