All openings

Senior Compliance Analyst

Washington, D.C. or San Francisco, CA

Rally Health is all about putting health in the hands of the individual. It’s our mission, and it drives everything we do, which is to empower people with easy-to-use online and mobile tools that help them take charge of their health and health care, from improving their diet and fitness to selecting health benefits, and choosing the right doctor at the right price for their needs.

Our culture is built on a deep and sincere commitment to helping people live healthier lives. To do this, we are committed to innovating at every level. As our president and COO David Ko says, “We are a company that continuously innovates. It cannot end. It has to be in everything we do, which means that some of the things we’re going to do are not going to work – and that’s okay. We’re not trying to build something that is churn and burn. We’re building something that follows consumers over their lifetime.

Responsibilities:

  • Assists and supports the organization with ongoing testing and monitoring of conformance to the requirements of various compliance standards and legislation.
  • Performs evaluation of internal controls, communications, risk assessments and maintenance of documentation, as it relates to SOC 2 Type 2, HiTrust, HIPAA and NIST.
  • Conducts ongoing internal audits, assessing risk in terms of security controls. Identifies risk and evaluates deficiencies while working with internal departments/business units to appropriately remedy them.
  • Communicates audit results and prepares written documentation/reports, disclosing all significant deficiencies to management.
  • Facilitates internal training on compliance requirements.
  • Conducts ongoing SOC 2 audits, assessing risk in terms of SOC 2 Trust Service Principles security controls
  • Identifies risk and evaluates deficiencies while working with internal departments/business units to appropriately remedy them.
  • Communicates audit results and prepares written documentation/reports as it relates to SOC 2, disclosing all significant deficiencies to management.
  • Facilitates internal training on requirements of SOC 2 compliance.
  • Perform other team duties as required

Qualifications:

  • 3-5 years of experience providing support for corporate compliance efforts
  • Experience with SOC 2 Type 2, PCI DSS, HiTrust, Sarbanes Oxley, ISO 27001, Privacy Shield
  • Demonstrate in-depth knowledge associated with HIPAA compliance and NIST security framework
  • Experience with building, updating corporate IT and Security policies and procedures
  • Ability to lead time effectively to meet deliverables when working different teams in different time zone
  • Highly motivated individuals with focus on accountability and following up
  • Excellent written and verbal communication skills
  • Experience with RFI and RFP support is desired
  • Experience with Safe Harbor is also desired
  • Bachelor’s degree in related discipline or equivalent experience is a requirement
  • CISM, CISA, GCEIT, CRISC certification are a plus

Why join Rally? On top of an innovative work atmosphere and a chance to help people change their lives, we offer competitive pay, daily catered lunches, and an extensive benefits package for all full-time employees (including medical, dental, vision and 401(k)). In addition, offer the ability to grow, while truly making an impact in the healthcare system.

Rally Health is committed to ensuring that its workforce reflects America’s diverse population. Rally Health knows that such diversity will enrich us with the talent, energy, perspective and inspiration it needs to achieve its mission. Rally Health believes in a policy of equal employment and opportunity for all people based on merit and commitment to the principles of diversity. It is our policy to recruit, hire, train, and promote individuals in all job titles, and administer all programs, without regard to race, color, religion, national origin or ancestry, citizenship, sex, age, marital status, pregnancy, childbirth or related medical conditions, personal appearance, sexual orientation, gender identity or expression, family responsibilities, genetic information, disability, matriculation, political affiliation, veteran status, union affiliation, or any other category protected by applicable federal, state or local laws.

Individuals with disabilities and veterans are encouraged to apply. Applicants who require an accommodation related to the application and/or review process should notify Talent Acquisition (recruiting@rallyhealth.com).