Compliance and Security Framework Intern

About Us:

Navvis is a leading population health company driving performance in valuebased care. As an operating partner to some of the countrys most innovative health systems physician enterprises and health plans we provide solutions that accelerate the journey to valuebased care. Our approach is marketbased we respect the unique needs of populations in each community including access to care culture values and capabilities. Together with our partners we set a new national standard in healthcare performance that delivers the affordability quality access and experience that all patients deserve.

Learn more at:

As a Compliance and Security Framework Intern you will:

• Assist our IT compliance team in supporting regulatory and security framework initiatives including HITRUST SOC 2 HIPAA Security Rule and CIS Controls
• Be responsible for gathering and organizing compliance evidence reviewing framework requirements and helping with document alignment with each control within our compliance tracking platform
• Gain exposure to industrystandard compliance frameworks and audit processes.
• Participate in handson experience with evidence collection and control mapping.
• Gain insight into risk management policy development and enterprise IT operations.

A Day in the Life:

• Check compliance tracking system (e.g. Cynomi) for assigned evidence tasks
• Collect documentation for controls (e.g. screenshots policies logs)
• Map and tag evidence to specific HITRUST SOC 2 HIPAA or CIS controls and create tasks to update evidence on a recurring schedule
• Crossreference policies and procedures against framework requirements
• Collaborate with IT/security staff to clarify technical evidence
• Update task statuses and documentation in tracking software
• Flag potential gaps or missing items for review
• Join meetings with operations or infrastructure teams
• Log progress and prepare questions

What success looks like in this role:

• Understanding and experience working with industrystandard cybersecurity frameworks (such as NIST CSF HIPAA Security Rule CIS Benchmarks HITRUST etc)

We are excited about you if you have these things:

• Currently living near St. Louis MO or will be in the summer of 2025
• Strong verbal and written communication and attention to detail
• Comfortable working in a fastpaced and dynamic setting
• Currently pursuing a Bachelors or masters degree in Cybersecurity Information Systems Health Informatics or a related field.
• Basic knowledge of IT compliance and security concepts (familiarity with HITRUST HIPAA SOC 2 or CIS is a plus).
• Strong organizational and research skills with attention to detail.
• Proficient in Microsoft Office and comfortable navigating cloudbased systems.
• Ability to handle confidential data with discretion and professionalism
• Selfmotivated and capable of working independently with supervision

What youll get:

Navvis is committed to attracting the most insightful and motivated talent by providing a candidate and onboarding experience that you wont find elsewhere! We foster an environment and culture that allow people to be creative feel connected and be inspired to do their best work no matter where they are on the map. For all colleagues at Navvis we strive to ensure that they have everything needed to be successful. From the basics like a competitive total rewards strategy volunteering and social engagement activities to creating company experiences that challenge you to think differently and do different things as part of our never stop learning ecosystem we support the whole person when you become a team member at Navvis.

Our Commitment:

Navvis is an equal employment opportunity and affirmative action employer seeking diversity in qualified applicants for employment. All applicants will receive consideration for employment without regard to race ethnicity color gender gender identity age religion creed national origin ancestry disability perceived disability medical condition genetic information military or veteran status sexual orientation or any other protected status as defined by applicable law. Prior to the next step in the recruiting process we welcome you to inform us confidentially if you may require any special accommodation to complete your application and participate fully in our recruitment experience. Contact us at

#LIHybrid

#Intern