Explore thousands of opportunities across Tech:NYC’s member network.


Associate Governance, Risk, and Compliance (GRC) Analyst



IT, Legal
Posted on Friday, June 28, 2024

Position Overview:

The Associate Governance, Risk, and Compliance (GRC) Analyst will be responsible for assisting in the development, implementation, and maintenance of our GRC programs. The ideal candidate is motivated, detail-oriented, and has an eagerness to learn. This role is an excellent opportunity for recent graduates or individuals looking to start their career in Governance, Risk, and Compliance. This is not a technical GRC role and will focus heavily on analysis, auditing, documentation and monitoring as well as working collaboratively across departments with stakeholders and technical owners. We’re seeking a people person with an analytical mind who is passionate about empowering and educating others on digital risk.

About Center of Excellence:

Centers of Excellence (COE) are teams whose primary goal is to provide expertise in a specific field. COEs will usually provide support through training, research, and skilled leaders. In the case of HealthEdge, our Centers of Excellence incorporate the Human Resources, IT, Legal and Financial fields, all of which provide support to our Product divisions and allows the enterprise to move forward and achieve its goals.

What you bring:

  • Bachelor's degree in Risk Management and/or Information Security

  • 0-2 years of experience in Governance, Risk Management, Compliance

  • Basic understanding of GRC principles, standards, and best practices
  • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint)
  • Excellent verbal and written communication to include strong presentation and relationship management skills
  • Internships, Co-ops, or academic projects related to GRC are a plus
  • Familiarity with HIPAA, HITRUST, or SOC-2 is a plus
  • Strong analytical and problem-solving skills

  • Detail-oriented with the ability to handle multiple tasks simultaneously

  • Proactive and eager to learn. Curiosity is a must!

  • Strong ethical standards and integrity

Your impact:

  • Assist in identifying, assessing, and monitoring risks across the organization.

  • Support the development and implementation of risk mitigation strategies.

  • Help ensure the company’s compliance with external requirements and internal policies.

  • Participate in external security assurance audits and assessments including assisting with documentation preparation, evidence collection, and communications.

  • Support the development, maintenance, and adoption of the enterprise GRC platform ensuring accurate and timely artifact collection.

  • Assist in the documentation and maintenance of policies, procedures, and standards.

  • Help monitor and respond to security incidents and vulnerabilities.

  • Assist in conducting exercises and investigations while helping to prepare after-action reports and executive summaries.

  • Help maintain metrics dashboards and provide regular reports and presentations on GRC activities and initiatives.

  • Assist in the development and delivery of GRC training programs for employees.

  • Promote security awareness and knowledge of GRC policies and procedures across the organization.

HealthEdge commits to building an environment and culture that supports the diverse representation of our teams. We aspire to have an inclusive workplace. We aspire to be a place where all employees have the opportunity to belong, make an impact and deliver excellent software and services to our customers.

Geographic Responsibility: Remote Role adhering to EST Working Hours
Type of Employment: Full-time, permanent

Work Environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job:

  • The employee is occasionally required to move around the office. Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception, and ability to adjust focus.

  • Work across multiple time zones in a hybrid or remote work environment.

  • Long periods of time sitting and/or standing in front of a computer using video technology.

  • May require travel dependent on company needs.

The above statements are intended to describe the general nature and level of the job being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. HealthEdge reserves the right to modify, add, or remove duties and to assign other duties as necessary. In addition, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position in compliance with the Americans with Disabilities Act of 1990. Candidates may be required to go through a pre-employment criminal background check.