Senior GRC Compliance Analyst

Ro

IT, Legal
New York, NY, USA · Remote
Posted 6+ months ago
Who We Are
Ro is a direct-to-patient healthcare company with a mission of helping as many patients as possible achieve their health goals. Ro is the only company to offer telehealth care, at-home diagnostic testing, labs, and pharmacy services nationwide. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 98% of primary care deserts.
Ro was recognized as a CNBC Disruptor 50 in 2022, listed by Inc. Magazine as a Best Place to Work in 2022 for our third consecutive year, and named one of FORTUNE's 2022 Best Medium Workplaces.
The Role:
The Governance, Risk and Compliance (GRC) Sr. Analyst will be a core member of Ro’s GRC team. The GRC team enables Ro to de-risk our mission of helping patients unlock their healthcare goals by vigorously assessing our operations against leading compliance frameworks and standing legislation. This individual contributor will be a key player in executing Ro’s GRC Program by partnering with our business functions to assess our audit readiness for our external obligations (HITRUST, SOC2 & HIPAA). The Sr. GRC Analyst will redefine our information security & privacy policies and rebaseline our Security Training Program.

What You’ll Do:

  • Optimize our existing Information Security & Privacy Policies to best serve our businesses and stakeholders
  • Align and refresh our Security Training Program with industry best practices
  • Automate compliance reviews on critical processes to ensure compliance with our policies. Perform manual reviews as required.
  • Partner with stakeholder groups (Infra, Engineering, Legal, Cyber) to identify and manage risk from exceptions to policy
  • Ready the organization for internal or external audits through controls testing, compliance reviews, user education and training
  • Validate evidence to ensure it meets audit requirements

What You’ll Bring to the Team:

  • 5 years’ experience working with risk and compliance frameworks (HIPAA, NIST, HITRUST, SOC2)
  • 3 years of demonstrated success in audit readiness activities
  • 3 years’ experience in drafting Information Security & Privacy policy
  • Understanding of digital ecommerce platforms, electronic health records (EHR) systems, and traditional business-enabling IT services
  • Knowledge of cloud computing platforms (e.g., Amazon Web Services, Microsoft Azure, Google Cloud) and their security and compliance features.
  • Strong analytical and root cause analysis skills
  • Ability to communicate to all levels of the organization

Bonus Points

  • Strong experience in GRC applications such as OneTrust or Archer
  • Experience with automated, continuous compliance tools such as Vanta, Drata or Tugboat

We’ve Got You Covered:

  • Full medical, dental, and vision insurance + OneMedical membership
  • Healthcare and Dependent Care FSA
  • 401(k) with company match
  • Flexible PTO
  • Wellbeing + Learning & Growth reimbursements
  • Paid parental leave + Fertility benefits
  • Pet insurance
  • Student loan refinancing
  • Virtual resources for mindfulness, counseling, and fitness
The target base salary for this position ranges from $127,500 to $166,000, in addition to a competitive equity and benefits package (as applicable). When determining compensation, we analyze and carefully consider several factors, including location, job-related knowledge, skills, and experience. These considerations may cause your compensation to vary.
Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).
At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.