
Senior Compliance Analyst

Washington, D.C. or San Francisco, CA

 

Rally Health is looking for a Security and Compliance Analyst to join our Security and Compliance Team. Assists and supports the organization with ongoing testing and monitoring of conformance to the requirements of various compliance standards and legislation. Performs evaluation of internal controls, communications, risk assessments and maintenance of documentation, as it relates to SOC 2 Type 2, HiTrust, HIPAA and NIST. Conducts ongoing internal audits, assessing risk in terms of security controls. Identifies risk and evaluates deficiencies while working with internal departments/business units to appropriately remedy them. Communicates audit results and prepares written documentation/reports, disclosing all significant deficiencies to management. Facilitates internal training on compliance requirements.

Responsibilities May Include

  • Conducts ongoing SOC 2 audits, assessing risk in terms of SOC 2 Trust Service Principles security controls
  • Identifies risk and evaluates deficiencies while working with internal departments/business units to appropriately remedy them.
  • Communicates audit results and prepares written documentation/reports as it relates to SOC 2, disclosing all significant deficiencies to management. 
  • Facilitates internal training on requirements of SOC 2 compliance.
  • Performs other team duties as required

Qualifications

  • 3-5 years of experience providing support for corporate compliance efforts
  • Experience with SOC 2 Type 2, PCI DSS, HiTrust, Sarbanes Oxley, ISO 27001, Privacy Shield
  • Demonstrated in-depth knowledge of HIPAA compliance and the NIST security framework
  • Experience creating and updating corporate IT and security policies and procedures
  • Ability to manage time effectively to meet deliverables when working with different teams in different time zones
  • Highly motivated individual with a focus on accountability and follow-up
  • Excellent written and verbal communication skills 
  • Experience with RFI and RFP support is desired
  • Experience with Safe Harbor is also desired
  • Education/Certifications
    • Bachelor’s degree in related discipline or equivalent experience is required
    • CISM, CISA, CGEIT, CRISC certifications are a plus

Our company is committed to ensuring that its workforce reflects America’s diverse population. Rally Health knows that such diversity will enrich us with the talent, energy, perspective, and inspiration it needs to achieve its mission. Rally Health believes in a policy of equal employment and opportunity for all people based on merit and commitment to the principles of diversity. It is our policy to recruit, hire, train, and promote individuals in all job titles, and administer all programs, without regard to race, color, religion, national origin or ancestry, citizenship, sex, age, marital status, pregnancy, childbirth or related medical conditions, personal appearance, sexual orientation, gender identity or expression, home responsibilities, genetic information, disability, matriculation, political affiliation, veteran status, union affiliation, or any other category protected by applicable federal, state or local laws.

Individuals with disabilities and veterans are requested and encouraged to apply. Applicants who require an accommodation related to the application and/or review process should notify Talent Acquisition (recruiting@rallyhealth.com). Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.