Cybersecurity GRC Analyst
Bitcoin Depot- Full Time
- Mid-level (3 to 4 years)
Candidates should possess 5+ years of work experience in Information Security, specifically within a Governance, Risk, and Compliance (GRC) analysis role, and experience working in highly regulated industries such as health tech, banking, or insurance. They should have demonstrated experience leading SOC 2 audits and/or HITRUST certifications with minimal findings, along with experience deploying GRC solutions like Drata or similar unified control frameworks.
The Senior Security GRC Analyst will perform risk assessments and generate reports on Alma’s risk management program, collaborate with stakeholders to identify and implement mitigating controls, streamline and maintain Alma’s security policies and standards, prepare the organization for annual audits and certifications including SOC 2 and PCI, educate Alma’s staff by developing and managing a security awareness program, develop and maintain a vendor risk program ensuring vendor compliance with Alma security standards, and develop and measure key metrics related to cybersecurity priorities.
Digital platform connecting clients with therapists
Alma connects individuals seeking mental health services with a variety of therapists through its digital platform, helloalma.com. The platform primarily serves clients looking for therapy for issues like anxiety, depression, personal growth, and relationship challenges. Alma's approach focuses on making therapy more affordable by partnering with insurance companies, allowing clients to save an average of 77% on therapy costs. This affordability is a key aspect that sets Alma apart from other mental health services. Additionally, Alma supports therapists by offering resources for continuing education and professional development, ensuring they are well-prepared to assist their clients. The company emphasizes the importance of the client-therapist relationship, aiming to match clients with therapists who best meet their individual needs. Alma operates on a membership model, where therapists pay a fee to access the platform's resources and client base.