Sr. GRC Compliance Analyst
New York, NY or Remote
Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 98% of primary care deserts.
The healthcare system today is not designed to help patients achieve their goals. It’s designed around institutions such as hospitals and insurance companies. A patient-centric healthcare system is one that is designed around the goals a patient wants to achieve. We’re building healthcare that puts patients in control, provides reactive and proactive care, has transparent pricing and process, is extremely effective and ridiculously convenient, and evolves over time based on patients’ goals.
Ro has been recognized as a Fortune Best Workplace in New York and Health Care for four consecutive years (2021-2024). In 2023, Ro was also named Best Workplace for Parents for the third year in a row. In 2022, Ro was listed as a CNBC Disruptor 50.
The Governance, Risk, and Compliance Sr. Analyst will be a core member of Ro’s GRC team. The GRC team enables Ro to manage risk by vigorously assessing our operations against leading compliance frameworks and standing legislation. This individual contributor role will be a key player, leading the audit readiness program and other key risk initiatives.
Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).
At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.
See our California Privacy Policy here.
What You'll Do:
- Lead Audit Readiness program, overseeing and driving Ro’s audit readiness initiatives for both internal and external audits, ensuring full preparation and alignment with compliance requirements.
- Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
- Own Ro’s security and privacy policy program.
- Develop and lead a risk and privacy analytics program that provides business context, supporting informed decision-making.
- Perform vendor risk assessments.
What You'll Bring To The Team:
- 5 years’ experience working with risk and compliance frameworks (HIPAA, NIST, HITRUST, SOC2, PCI)
- 3 years of demonstrated success in audit readiness activities
- Understanding of digital eCommerce platforms, electronic health records (EHR) systems, and traditional business-enabling IT services
- Knowledge of cloud computing platforms (e.g., Amazon Web Services, Microsoft Azure, Google Cloud) and their security and compliance features.
- Experience with automated, continuous compliance tools such as Vanta, Drata or Tugboat
- Expertise in using Looker (or similar BI tool) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
- Ability to automate data ingestion, transformation, and reporting processes using scripting languages such as Python or JavaScript, particularly for integrating and managing data from APIs.
- Strong analytical and root cause analysis skills
- Demonstrated ability to operate with fortitude and finesse while navigating compliance topics with stakeholders.
- Kindness, and an ability to communicate to all levels of the organization
Bonus Points:
- Strong experience in GRC applications such as OneTrust or Archer
We've Got You Covered:
- Full medical, dental, and vision insurance + OneMedical membership
- Healthcare and Dependent Care FSA
- 401(k) with company match
- Flexible PTO
- Wellbeing + Learning & Growth reimbursements
- Paid parental leave + Fertility benefits
- Pet insurance
- Student loan refinancing
- Virtual resources for mindfulness, counseling, and fitness