Sr. GRC Compliance Analyst

Posted 8 Days Ago
Easy Apply
2 Locations
Remote
134K-158K Annually
Senior level
Healthtech • Pharmaceutical • Telehealth
Ro's mission is to help patients achieve their health goals by delivering the easiest, most effective care possible.
The Role
The Sr. GRC Compliance Analyst at Ro will lead the audit readiness program, maintain the cyber risk register, manage security and privacy policies, develop risk and privacy analytics, and perform vendor risk assessments to ensure compliance with industry standards and frameworks.
Summary Generated by Built In

Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 98% of primary care deserts.


The healthcare system today is not designed to help patients achieve their goals. It’s designed around institutions such as hospitals and insurance companies. A patient centric healthcare system is one that is designed around the goals a patient wants to achieve. We’re building healthcare that puts patients in control, provides reactive and proactive care, has transparent pricing and process, is extremely effective and ridiculously convenient, and evolves over time based on patients’ goals.


Ro has been recognized as a Fortune Best Workplace in New York and Health Care for four consecutive years (2021-2024). In 2023, Ro was also named Best Workplace for Parents for the third year in a row. In 2022, Ro was listed as a CNBC Disruptor 50.


The Governance Risk and Compliance Sr. Analyst role will be a core member of Ro’s GRC team. The GRC team enables Ro to manage risk by vigorously assessing our operations against leading compliance frameworks and standing legislation. This individual contributor role will be a key player leading audit readiness program and other key risk initiatives.


What You'll Do:

  • Lead Audit Readiness program, overseeing and driving Ro’s audit readiness initiatives for both internal and external audits, ensuring full preparation and alignment with compliance requirements.
  • Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
  • Own Ro’s security and privacy policy program.
  • Develop and lead a risk and privacy analytics program that provides business context, supporting informed decision-making.
  • Performing vendor risk assessments.

What You'll Bring To The Team:

  • 5 years’ experience working with risk and compliance frameworks (HIPAA, NIST, HITRUST, SOC2, PCI)
  • 3 years of demonstrated success in audit readiness activities
  • Understanding of digital eCommerce platforms, electronic health records (EHR) systems, and traditional business-enabling IT services
  • Knowledge of cloud computing platforms (e.g., Amazon Web Services, Microsoft Azure, Google Cloud) and their security and compliance features. 
  • Experience with automated, continuous compliance tools such as Vanta, Drata or Tugboat
  • Expertise in using Looker (or similar BI tool) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
  • Ability to automate data ingestion, transformation, and reporting processes using scripting languages such as Python or JavaScript, particularly for integrating and managing data from APIs.
  • Strong analytical and root cause analysis skills
  • Demonstrated the ability to operate with fortitude and finesse while navigating compliance topics with stakeholders.
  • Kindness, and an ability to communicate to all levels of the organization

Bonus Points:

  • Strong experience in GRC applications such as OneTrust or Archer

We've Got You Covered:

  • Full medical, dental, and vision insurance + OneMedical membership
  • Healthcare and Dependent Care FSA
  • 401(k) with company match
  • Flexible PTO
  • Wellbeing + Learning & Growth reimbursements
  • Paid parental leave + Fertility benefits
  • Pet insurance
  • Student loan refinancing
  • Virtual resources for mindfulness, counseling, and fitness

The target base salary for this position ranges from $133,500 to $157,500, in addition to a competitive equity and benefits package (as applicable). When determining compensation, we analyze and carefully consider several factors, including location, job-related knowledge, skills and experience. These considerations may cause your compensation to vary.


Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).


At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.


See our California Privacy Policy here.

Top Skills

JavaScript
Python

What the Team is Saying

Hugh
Kim
Rachel
Andres
Ross
Kerry
Jay
Zach
The Company
HQ: New York, NY
649 Employees
Hybrid Workplace
Year Founded: 2017

What We Do

Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 98% of primary care deserts.

Why Work With Us

Ro is powering quality care at scale. The Ro Operating System (ro.OS) vertically integrates the core parts of healthcare, bringing together nationwide telehealth, lab, and pharmacy services on one platform. The result? ro.OS makes it easier for patients to access and providers to deliver high-quality care – millions of times over.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Ro Teams

Team
Tech Org
Team
Clinical Team
About our Teams

Ro Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Ro’ers in the tri-state area join their colleagues in the NY Hub twice a week for in-person collaboration.

Typical time on-site: 2 days a week
HQRo HQ
US
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account