GRC Analyst at Modernizing Medicine

Boca Raton, Florida, United States

Compensation: Not Specified
Experience Level: Junior (1 to 2 years)
Job Type: Full Time
Visa: Unknown
Industries: Healthcare, Health Technology

Requirements

  • Bachelor’s degree in Information Security, Cybersecurity, or Information Technology or equivalent education and experience
  • Minimum of 3-5 years of experience in information security GRC, or related fields
  • Experience with PCI, HIPAA, SOC2, CIS Controls, risk management, and enterprise security risk management
  • Familiarity with healthcare industry regulations and standards is a plus
  • Proficiency in PCI and security risk assessment methodologies and tools
  • Excellent problem-solving skills
  • Strong communication and interpersonal skills
  • Strong understanding of security frameworks and standards (NIST CSF, PCI, HIPAA, SOC2, CIS Controls)
  • Experience with GRC tools and technologies; PCIP, ISA, CISA certification

Responsibilities

  • Develop and maintain cybersecurity policies, procedures, and standards
  • Ensure alignment of cybersecurity practices with business objectives and regulatory requirements
  • Assist in the creation and management of the cybersecurity governance framework
  • Conduct risk assessments on third parties to identify and evaluate potential cybersecurity risks
  • Develop and implement risk mitigation strategies and controls
  • Monitor and report on risk management activities and the effectiveness of controls
  • Ensure compliance with industry regulations and standards (PCI, HIPAA, SOC2)
  • Conduct regular audits and assessments to ensure adherence to compliance requirements
  • Collaborate with internal and external auditors during compliance reviews and audits
  • Develop and deliver cybersecurity awareness training materials
  • Promote a culture of cybersecurity awareness across the organization
  • Monitor and report on the effectiveness of security awareness initiatives
  • Prepare regular reports on GRC activities and metrics for senior security management
  • Maintain comprehensive documentation of all GRC activities, policies, and procedures
  • Ensure proper documentation of risk assessments, audit findings, and compliance activities

Skills

Key technologies and capabilities for this role

GRC, Cybersecurity, Risk Assessment, Risk Management, Governance Frameworks, Compliance, Policy Development, Regulatory Compliance

Questions & Answers

Common questions about this position

What is the location or work arrangement for this GRC Analyst role?

ModMed has global headquarters in Boca Raton, FL, offices in Hyderabad, India, and supports a robust remote workforce across the US, Chile, and Germany.

What key skills and experience are required for the GRC Analyst position?

The role requires a strong understanding of GRC frameworks, experience in risk assessment and management, and the ability to collaborate across departments. Specific responsibilities include conducting risk assessments on third parties, ensuring compliance with PCI, HIPAA, SOC2, and developing cybersecurity policies.

What is the company culture like at Modernizing Medicine?

The company consists of a team of bright, passionate, and positive problem-solvers united in a mission to place doctors and patients at the center of care through innovative software, with over 3400 team members serving eleven specialties.

What does the GRC Analyst role involve in terms of responsibilities?

The role covers governance (developing policies and standards), risk management (assessments and mitigation), compliance (PCI, HIPAA, SOC2 audits), security awareness training, and reporting/documentation.

What makes a strong candidate for the GRC Analyst position?

A driven candidate with strong GRC framework knowledge, risk assessment experience, cross-departmental collaboration skills, and familiarity with regulations like PCI, HIPAA, and SOC2 to enhance cybersecurity posture.

Modernizing Medicine

Specialty-specific electronic health record systems

About Modernizing Medicine

Modernizing Medicine provides specialty-specific Electronic Health Records (EHR) systems designed to improve the workflow of healthcare providers. Their main products, EMA and gGastro EHR, help users manage patient information and administrative tasks more efficiently, allowing them to concentrate on patient care. These systems adapt to the specific practices of each user, enhancing their effectiveness. Unlike many competitors, Modernizing Medicine focuses on tailored solutions for various medical specialties, which sets them apart in the healthcare technology market. The company's goal is to streamline healthcare delivery and improve patient outcomes by providing tools that simplify administrative processes.

Headquarters: Boca Raton, Florida
Year Founded: 2010
Total Funding: $360.6M
Company Stage: LATE_VC
Industries: Biotechnology, Healthcare
Employees: 1,001-5,000

Benefits

Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
Health Savings Account/Flexible Spending Account
Unlimited Paid Time Off
Paid Vacation
Paid Sick Leave
Paid Holidays
Parental Leave
401(k) Retirement Plan
401(k) Company Match
Professional Development Budget
Conference Attendance Budget
Hybrid Work Options
Remote Work Options
Wellness Program

Risks

Potential sale by Warburg Pincus could lead to strategic shifts misaligned with current goals.
Resistance to AI technologies may slow implementation and affect user satisfaction.
Dependency on Medtronic's technology poses risks if partnership faces challenges or strategic changes.

Differentiation

ModMed offers specialty-specific EHR systems, enhancing workflow efficiency for healthcare providers.
Their EHR systems, EMA and gGastro, adapt to user practices, increasing adaptability.
ModMed integrates AI technologies, like Medtronic's GI Genius, to improve procedural accuracy.

Upsides

ModMed consistently ranks #1 in G2's 2024 Grid Reports for EHR and RCM software.
Collaboration with Brevium enhances patient re-engagement, boosting retention in gastroenterology practices.
Appointment of Dan Costantino as CISO strengthens cybersecurity, crucial for healthcare data protection.
