IT Compliance (GRC) Analyst
Share
Job Location:
Huntington Beach, CA - USA
Monthly Salary:
$ 95 - 105
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
About us
LifeMD is a leading digital healthcare company committed to expanding access to virtual care pharmacy services and diagnostics by making them more affordable and convenient for on both treatment and prevention our unique care model is designed to optimize the patient experience and improve outcomes across more than 200 health concerns.
To support our expanding patient base LifeMD leverages a vertically-integrated proprietary digital care platform a 50-state affiliated medical group a 22500-square-foot affiliated pharmacy and a U.S.-based patient care company with offices in New York City; Greenville SC; and Huntington Beach CA is powered by a dynamic team of passionate professionals. From clinicians and technologists to creatives and analysts were united by a shared mission to revolutionize enjoy a collaborative and inclusive work environment hybrid work culture and numerous opportunities for growth. Want your work to matter Join us in building a future of accessible innovative and compassionate care.
About the role
We are seeking an inquisitive and collaborative IT Governance Risk and Compliance (GRC) Analyst to support the IT compliance programs supporting SOX and HIPAA across our technology stack including in-house developed systems and third-party SaaS platforms. You will help maintain control readiness perform testing and evidence collection and support risk and vendor assessments for internally developed systems and SaaS applications.
Core Responsibilities
- Support SOX and HIPAA controls by helping design document and maintain ITGCs and operational controls
- Maintain documentation such as control narratives flowcharts risk and control matrices and evidence repositories
- Assist remediation efforts by coordinating with IT and business teams validating remediation evidence and tracking closure of deficiencies
- Perform risk assessments and gap analyses for IT systems that handle PHI and financial data
- Automate and monitor controls through scheduled reviews scripts or tooling to reduce manual effort and improve coverage
- Support audits and vendor reviews by preparing workpapers answering auditor questions and helping with vendor control questionnaires
- Perform vendor and third-party assessments for SaaS providers ensuring appropriate controls are in place and evidenced
Requirements
Basic Qualifications:
- Bachelors degree in a related field or equivalent experience
- Relevant experience with IT controls IT audit SOX testing IT risk HIPAA or related functions
- Practical understanding of HIPAA Security and Privacy requirements and how they apply to IT systems that handle PHI
- Technical foundation with identity and access management change management SDLC backup and recovery and logging/monitoring
- Hands-on experience collecting and organizing audit evidence and documenting control testing procedures
Preferred Qualifications:
- Relevant certification(s) (CISA CRISC CPA CHPS)
- Healthcare or healthtech industry experience
- Written and verbal communication skills with the ability to create concise documentation and explain technical details to nontechnical stakeholders.
Benefits
- Annual Salary: $95K-$105K
- Health Care Plan (Medical Dental & Vision)
- Retirement Plan (Roth 401k)
- Life Insurance (Basic Voluntary & AD&D)
- Unlimited PTO Policy
- Paid Holidays
- Short Term Disability
- Training & Development
Required Experience:
IC
Key Skills
- IT Experience
- SAP Materials Management
- SAP SuccessFactors
- Agile
- Business Analysis
- SAP
- Requirements Gathering
- SAP Finance & Controlling
- SAP Supply Chain Management
- SAP S/4HANA
- SDLC
- Oracle
About Company
LifeMD is an emerging leader in technology-driven healthcare. We're applying our direct-to-consumer marketing expertise to make access to quality care and medication convenient, cost-effective, and simple. Our brands are intensely focused on our patients, constantly striving to delive ... View more
