Information Security Analyst (Healthcare)

TL;DR

Information Security Analyst (Healthcare/GRC): Managing security assurance operations and compliance processes to protect sensitive healthcare data with an accent on customer security questionnaires, audit preparation, and risk management. Focus on coordinating HITRUST and SOC 2 audits, resolving security inquiries, and maintaining documentation for a digital-first AI platform.

Location: Must be based in the US (Remote)

Salary: $70,000–$95,000

Company

A leading healthcare intelligence company providing an AI-powered platform to maximize financial outcomes and drive down healthcare costs for health plans.

What you will do

• Manage the intake process for security assurance requests, including triaging, prioritizing, and tracking tickets to resolution.
• Resolve routine security inquiries and respond to customer security questionnaires and audit requests independently.
• Support HITRUST r2 and SOC 2 audit preparation, evidence collection, and coordination across internal teams.
• Maintain the security documentation repository and assist with security policy and procedure maintenance.
• Track security metrics, support vendor risk assessment activities, and assist with security awareness efforts.
• Participate in security incident response and support customer-facing security calls and presentations.

Requirements

• Bachelor’s degree in Information Security, Business, Operations, Finance, Accounting, or equivalent work experience.
• Must be based in the US.
• Strong attention to detail and ability to manage multiple concurrent requests in a fast-paced environment.
• Excellent written and verbal communication skills for interaction with internal stakeholders and external clients.
• Proficiency with productivity and work-tracking tools, such as ticketing systems and document management.

Nice to have

• 1–2 years of experience in operations, compliance, audit support, or finance.
• Exposure to information security frameworks such as NIST, HITRUST, SOC 2, or HIPAA compliance.
• Experience in healthcare technology or working with regulated data environments.
• Familiarity with GRC (Governance, Risk, and Compliance) or security assurance workflows.

Culture & Benefits

• Digital-first environment with the ability to work from anywhere in the US.
• Comprehensive medical, dental, and vision insurance offerings.
• 401(k) with company match, plus FSA and HSA options.
• Tuition reimbursement and additional health and wellness perks.
• Flexible and trusting work environment designed to empower employees.