Governance, Risk, and Compliance (GRC) Analyst Job at Blooming Health, Remote

  • Blooming Health
  • Remote

Job Description

Job Description: GRC Analyst – HITRUST, SOC 2, and Other Compliance Frameworks

Position: Governance, Risk, and Compliance (GRC) Analyst

Location: Remote/Onsite (Flexible)

Employment Type: Full-Time

Reports To: Chief Information Security Officer (CISO) or Compliance Lead

Role Overview

Blooming Health is seeking a skilled and motivated GRC Analyst to lead the implementation and maintenance of security compliance programs, including HITRUST, SOC 2, NIST, OHIP, and other regulatory frameworks as needed. This individual will serve as the primary liaison between internal IT, Security, and Operations teams, as well as external compliance consultants. They will ensure all required policies and procedures are developed, implemented, and continuously monitored, while managing internal audits and preparing necessary reports for certification and regulatory bodies.

This is a pivotal role in ensuring Blooming Health's compliance posture supports secure and scalable growth.

Key Responsibilities

Compliance Program Management

• Develop, implement, and manage compliance programs for frameworks such as HITRUST, SOC 2, NIST 800-53, OHIP, and others relevant to Blooming Health.

• Collaborate with external security compliance consultants to guide and accelerate compliance initiatives.

• Design and maintain policies, procedures, and controls that align with regulatory requirements and industry best practices.

Audits and Assessments

• Conduct internal reviews and audits to assess the effectiveness of security controls, operational processes, and compliance policies.

• Prepare and organize documentation and evidence for external audits, readiness assessments, and certification processes.

• Act as the primary point of contact for external assessors and certification authorities.

Policy and Procedure Development

• Lead the creation, implementation, and enforcement of policies related to security, privacy, and operational compliance.

• Ensure all procedures are documented, communicated, and integrated into daily workflows.

Documentation and Reporting

• Maintain a centralized repository of compliance artifacts for ongoing assessments.

• Generate comprehensive reports for internal leadership, certifying authorities, and regulatory bodies to demonstrate compliance status and progress.

Collaboration and Communication

• Work closely with IT, Security, and Operations teams to implement and verify technical and procedural controls.

• Coordinate with external compliance consultants to ensure alignment with certification goals and timelines.

• Partner with business stakeholders to align compliance activities with operational priorities.

Training and Awareness

• Develop and deliver training programs to educate employees on compliance requirements and best practices.

• Foster a culture of security awareness and accountability across the organization.

Risk Management

• Perform risk assessments to identify vulnerabilities, non-compliance risks, and remediation opportunities.

• Maintain a risk register and track the resolution of identified issues.

• Monitor changes in regulatory requirements and update policies and controls accordingly.

Incident and Breach Management

• Develop and maintain an Incident Response Plan aligned with compliance frameworks like HITRUST and SOC 2.

• Act as a key stakeholder in responding to security incidents, breaches, and non-compliance events.

• Coordinate post-incident activities, including root cause analysis, documentation, and reporting to regulatory authorities if required.

• Ensure incidents are logged and tracked to resolution, with lessons learned feeding into process improvements.

• Conduct regular tabletop exercises to test incident response readiness.

Qualifications

Required Skills and Experience

• 3+ years of proven experience in Governance, Risk, and Compliance roles, preferably in healthcare or technology.

• Strong understanding of frameworks such as HITRUST, SOC 2, NIST 800-53, and HIPAA.

• Proven experience conducting internal audits, managing compliance documentation, and preparing for external certifications.

• Familiarity with compliance tools like Vanta, Drata, or Tugboat Logic.

• Knowledge of security controls, including encryption, logging, access management, and vulnerability management.

Technical Skills

• Proficiency with tools such as SIEMs, endpoint protection platforms, and configuration management systems.

• Experience managing policies for cloud-based environments (e.g., AWS, Azure).

• Hands-on experience with security frameworks and automation tools.

Soft Skills

• Excellent communication skills for engaging with technical teams, non-technical stakeholders, and external assessors.

• Strong project management abilities to ensure timely completion of compliance initiatives.

• Detail-oriented with the ability to multitask and prioritize in a dynamic environment.

Preferred Qualifications

• Certifications such as HITRUST Practitioner, CISSP, CISA, CISM, or equivalent.

• Experience implementing compliance programs for multi-framework environments (e.g., SOC 2 + HIPAA + HITRUST).

Why Join Blooming Health?

• Be a key contributor to building a robust compliance program for a mission-driven healthcare startup.

• Work in a collaborative and innovative environment with opportunities for professional growth.

• Competitive salary and benefits package, with flexibility to work remotely or onsite.

Job Tags

Remote job, Full time, Flexible hours
