Included Health is looking to hire a Governance, Risk, and Compliance Analyst! In this role, you will be helping Included Health change the standard of security in healthcare, and help support our ongoing compliance initiatives. You will be working closely with our Audit & Compliance team, Dev teams and with other Information Security professionals to ensure our platform, application, and member experience are secure.

Responsibilities:

• Drive and track enterprise compliance. You will be familiar with NIST, CIS, PCI, and HIPAA frameworks and controls. You will also be creating data flows, data maps, and business process mapping.
• Respond to customer third-party risk assessments and questionnaires. You will help facilitate business transactions, and build relationships with existing and prospective customers.
• Assist risk assessments. You will help implement a third party risk management program, assist customer risk assessments, and drive internal assessments.
• Build an Information Security metrics program. You will develop and report metrics for compliance with InfoSec policies and standards.
• Team player, influencer, and ability to understand risks at different levels of the enterprise.
• Excellent communication skills to clearly communicate security recommendations, decisions, and to build and maintain security relationships across the enterprise.

Qualifications:

• Experience building and driving security awareness programs
• CISA (Certified Information Security Auditor), or equivalent experience
• Good understanding of the Common Controls Framework
• Experience in developing security policies and standards
• Experience in supporting and driving information security compliance programs including PCI, ISO 27001, HITRUST, and SOC 2
• Previous experience working in a technology environment
• Bachelor’s Degree in Computer Science or a related field
• AWS, Azure or GCP experience

#LI-Remote

About Included Health

Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. We’re on a mission to raise the standard of healthcare for everyone. We break down barriers to provide high-quality care for every person in every community — no matter where they are in their health journey or what type of care they need, from acute to chronic, behavioral to physical. We offer our members care guidance, advocacy, and access to personalized virtual and in-person care for everyday and urgent care, primary care, behavioral health, and specialty care. It’s all included. Learn more at includedhealth.com.

-----

Included Health is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Included Health considers all qualified applicants in accordance with the San Francisco Fair Chance Ordinance.