Security GRC Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

HealthEquity · 6 days ago

Security GRC Analyst

positionUnited States
timeFull-time
remoteRemote
seniorityEntry Level
money$36.30/hr - $46.15/hr
date1+ years exp

HealthEquity is dedicated to saving and improving lives by empowering healthcare consumers. The Security GRC Analyst role involves mastering client security questionnaires and contract reviews while supporting broader governance, risk, and compliance initiatives to enhance the company's security posture.

Financial ServicesHealth CarePayments
check
Growth Opportunities
check
H1B Sponsor Likelynote

Responsibilities

Support the intake, review, and completion of client security questionnaires and assessments
Support contract reviews by coordinating with Privacy, Security, Legal, and Compliance and learning how to identify risks, missing terms, and required redlines
Develop strong working knowledge of HealthEquity’s security policies, standards, and controls so you can confidently and accurately respond to client inquiries
Organize and validate evidence for external audits and certifications such as SOC 2, HITRUST, PCI, HIPAA, or FedRAMP
Assist with internal control reviews and risk assessments by documenting gaps and identifying improvement opportunities
Support maintenance and update security control inventories, mappings, and evidence repositories
Partner with control owners across Security, IT, and Compliance to ensure timely and complete audit responses
Support tracking of remediation items, control testing cycles, and continuous monitoring activities
Contribute to standard operating procedures, process documentation, and repeatable GRC playbooks
Help create awareness, training materials, and guidance for internal teams and client‑facing groups

Qualification

Security questionnairesContract reviewsGRC frameworksInformation SecurityCloud environmentsDocumentation skillsCustomer service mindsetCommunication skillsAttention to detailOrganizational skills

Required

Someone who thrives in a remote environment and collaborates proactively
A natural question‑asker who seeks clarity early and communicates well in virtual channels
Strong attention to detail with a willingness to learn complex subject matter
Clear written and verbal communication, especially when responding to client security inquiries
Dependability, organization, and comfort managing multiple incoming requests
Interest in how security controls, audits, and risk processes work in a regulated environment
Ability to work with both technical and non‑technical partners
A customer‑service mindset focused on accuracy, timeliness, and transparency
Bachelor's degree preferred but not required. Related degrees may include Information Security, Cybersecurity, Computer Science, Information Systems, Information Technology, Management Information Systems, Data Analytics, Business with an IT or Security focus, or any other technical or analytical field
One year of professional experience preferred, including internships or entry‑level roles
One foundational certification such as CompTIA Security+, CC, or ISO 27001 Foundations is required within 12 months

Preferred

Experience with security questionnaires, audits, or compliance work is helpful but not required
Exposure to frameworks such as SOC 2, HITRUST, NIST CSF, PCI, or HIPAA is a plus
Foundational understanding of information security or interest in developing it quickly
Strong documentation, organization, and follow‑through
Familiarity with cloud environments or control frameworks is helpful
Experience with tools like Archer, Drata, Vanta, or ServiceNow GRC is a plus but not required
Additional certifications such as CISA, CRISC, CGRC, or CCSFP are a plus

Benefits

Medical, dental, and vision
HSA contribution and match
Dependent care FSA match
Full-time team members receive a minimum of 18 days of annual PTO and 13 paid holidays per year
Paid parental leave
401(k) match
Personal and healthcare financial literacy programs
Ongoing education & tuition assistance
Gym and fitness reimbursement
Wellness program incentives

Company

HealthEquity

twittertwittertwitter
Glassdoor4.1
company-logo
HealthEquity connects health and wealth by administering Health Savings Accounts (HSAs) and other consumer-directed benefits.
dateFounded in 2002
location
Draper, Utah, USA
people-size1001-5000 employees
web-link
http://www.healthequity.com

H1B Sponsorship

HealthEquity has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (15)
2024 (8)
2023 (31)
2022 (3)
2021 (1)
2020 (2)

Funding

Current Stage
Public Company
Total Funding
$12.5M
2014-07-31IPO
2011-09-09Private Equity· $12.5M

Leadership Team

leader-logo
Scott Cutler
President and CEO
linkedin
leader-logo
James Lucania
Chief Financial Officer
linkedin

Recent News

PR Newswire
Six months an AI unicorn, Parloa surpasses $50M revenue mark
2025-12-18
HealthEquity, Inc.
HealthEquity Reports Third Quarter Ended October 31, 2025 Financial Results
2025-12-04
thefly.com
HealthEquity reports Q3 EPS $1.01, consensus 91c
2025-12-04
Company data provided by crunchbase