GRC Senior Analyst (Risk Management)

Posted 2 Days Ago
Raleigh, NC
Hybrid
Senior level
Healthtech • Software • Biotech • Pharmaceutical
Reimagining the infrastructure of cancer care.
The Role
As a GRC Senior Analyst, you will oversee the Security Risk Management function, manage security metrics, assess risks related to projects, and collaborate with multiple teams to enhance data security and compliance within the organization.
Summary Generated by Built In

Reimagine the infrastructure of cancer care within a community that values integrity, inspires growth, and is uniquely positioned to create a more modern, connected oncology ecosystem.
We're looking for a Security GRC Senior Analyst to help us accomplish our mission to improve and extend lives by learning from the experience of every person with cancer. Are you ready to be the next changemaker in cancer care?
What You'll Do
As a member of the Governance, Risk and Compliance (GRC) team, you will develop solutions and processes that further the goals of the organization while ensuring the protection of our patients' information. In addition, you'll also:

  • Provide oversight to the Security Risk Management function and help create / drive it's strategic roadmap
  • Create and deliver security metrics and risk indicators to our external stakeholders to help inform the business areas of their risk posture and enable the business to make informed risk decisions
  • Assist in maturing the security risk management strategy throughout the enterprise.
  • Maintain processes and playbooks related to security metrics reporting
  • Provide oversight for Security's Plan of Action (POAM) and Exception process.
  • Perform risk based analysis on proposed projects, vendors, and issue resolution implementations
  • Lead Security related implementations and projects by coordinating with technical and non-technical teams to ensure success
  • Proactively identify and develop solutions to data security issues by working with multiple teams including Privacy, Legal, HR, Procurement and vendors
  • Effectively communicate security needs and business requirements to stakeholders
  • Serve as an advisor and internal consultant on identified issues, project plans or any other initiative that may have security implications
  • Test implemented controls and perform risk assessments based on established frameworks and Flatiron internal policies
  • Respond to client security risk assessment questionnaires by gathering information from across the organization as necessary
  • Promote security education and awareness across Flatiron


Who You Are
You're someone who takes pride in managing security risks within a dynamic enterprise; you're passionate about identifying issues and working with the appropriate stakeholders to solve them. You're excited by the prospect of rolling up your sleeves to tackle meaningful problems each and every day. You're a kind, passionate and collaborative problem-solver who seeks and gives candid feedback, and values the chance to make an important impact.

  • 6+ years relevant experience working in Security Risk Management, Security Metrics & Reporting, Third party risk assessment, SOC2/ISO/NIST 800-53 audit oversight, and Interpretation & Maintenance of Security Policies / Standards
  • Experience with reporting on key risk indicators and metrics to stakeholders
  • Experience working with security frameworks (HIPAA, PCI, NIST, ISO etc)
  • Proven ability to manage risk and projects in a face paced environment
  • Ability to communicate risk effectively to stakeholders within the organization.
  • Superior organizational skills and attention to detail
  • Excellent interpersonal, writing and communication skills
  • Ability to constantly prioritize and change or adapt to ambiguous situations
  • Passionate about healthcare and the fight against cancer


Extra Credit

  • You have HIPAA experience


Where you'll work
In this hybrid role, you'll have a defined work location that includes work from home and 3 office days set by you and your team. For more information on our approach to hybrid work, please visit the how we work website.
Preferred Primary Location: Raleigh-Durham Office
The annual pay range reflected above for this position is based on the preferred primary location of the role which is listed in the job description. Salary ranges for other locations vary from the range reflected above. Base pay offered may vary depending on job-related knowledge, skills, and experience. An annual bonus and equity may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered.

Top Skills

Nist

What the Team is Saying

Matthew
Megan
George
Kathi
The Company
HQ: New York, NY
2,500 Employees
Hybrid Workplace
Year Founded: 2012

What We Do

Flatiron Health is a healthtech company dedicated to helping cancer centers thrive and deliver better care for patients today and tomorrow. Through clinical and data science, we translate patient experiences into real-world evidence to improve treatment, inform policy, and advance research. Cancer is smart. Together, we can be smarter. Flatiron Health is an independent affiliate of the Roche Group.

Why Work With Us

Reimagine the infrastructure of cancer care within a technology and science community that values integrity, inspires growth, and is uniquely positioned to create a more modern, connected oncology ecosystem.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Flatiron Health Teams

Team
Product & Technology
Team
Medical & Clinical
Team
Research Sciences
Team
Partnerships & Customer Success
About our Teams

Flatiron Health Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

At Flatiron, attracting and inspiring a diverse team is essential to our success. Our hybrid work approach, built on flexibility and clarity, allows you to choose your office days while optimizing productivity and well-being.

Typical time on-site: 3 days a week
Company Office Image
HQBusiness & Innovation Hub
Company Office Image
Berlin Office
Company Office Image
Life Sciences Hub
Company Office Image
London Office
Company Office Image
Salt Lake City Office
Company Office Image
Tokyo Office
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account