GSRC Analyst II (MUST HAVE 4+ YEARS EXPERIENCE) jobs in United States

DisclosedRx · 1 day ago

GSRC Analyst II (MUST HAVE 4+ YEARS EXPERIENCE)

DisclosedRx is seeking a Governance, Security, Risk and Compliance Analyst II to enhance their security and compliance posture. The role involves conducting risk assessments, ensuring compliance with regulatory requirements, and supporting audits and policy development.

Hospital & Health Care

Responsibilities

Conduct risk assessments and gap analyses across global IT systems, applications, and cloud platforms
Monitor compliance with regulatory frameworks (HIPAA, CCPA, HITRUST, SOC 2, NIST, CIS) and internal security policies
Support the development, implementation, and maintenance of security policies, standards, and procedures
Prepare for and respond to internal and external audits, including evidence collection and remediation tracking
Report on security incidents, vulnerabilities, and compliance violations
Collaborate with IT, Legal and business teams to remediate identified risks and compliance gaps
Develop and maintain risk and compliance documentation, including risk registers, audit logs, and policy updates
Provide guidance and training to staff on security best practices and compliance requirements
Stay current with evolving regulatory requirements, security threats, and industry standards
Escalate complex risk and compliance issues to senior analysts or management as needed

Qualifications

IT risk management
Security compliance
Regulatory frameworks
Risk assessment methodologies
Risk and compliance tools
Analytical skills
Audit support
Security incident response
Vulnerability management
Professional certifications
Documentation skills
Communication skills

Required

4+ years of experience in IT risk management, security compliance, or related roles
Hands-on experience with regulatory frameworks such as HIPAA, CCPA, HITRUST, SOC 2, NIST, and CIS
Familiarity with AI governance frameworks (e.g., EU AI Act, NIST AI Risk Management Framework, ISO/IEC 42001) and experience assessing risks related to AI/ML systems
Strong understanding of risk assessment methodologies and compliance processes
Experience supporting audits, evidence collection, and remediation activities
Familiarity with security incident response and vulnerability management
Proficiency with risk and compliance management tools and platforms (e.g., Drata, Vanta, Safebase) and/or enterprise GRC platforms
Excellent analytical, documentation, and communication skills
Professional certifications such as SSCP, CISM, CISA, CRISC, ISO 27001 Lead Implementer, or similar

Benefits

Medical
Dental
Vision
LTD
STD
Company Paid Life
PTO
Voluntary Life

Company

DisclosedRx

DisclosedRx provides the best pharmacy benefits for your employees at the lowest total net cost.

Funding

Current Stage
Growth Stage

Leadership Team

Daniel Rush
Founding Partner

Company data provided by crunchbase