Senior Governance & Risk Analyst
Employer Direct Healthcare
Lantern is seeking a Senior Risk & Governance Analyst to join the GRC team managing risk frameworks and compliance. This role involves cross-functional collaboration and addressing AI governance needs.
Tech Stack
Tools & technologies: ServiceNow
About the role
Key responsibilities & impact
- Support the build-out of Lantern’s risk register by conducting risk identification workshops, defining risk taxonomy, assigning ownership, and establishing likelihood/impact scoring
- Map the current control environment against the NIST CSF functions; document gaps and develop a prioritized remediation roadmap
- Establish recurring risk review cadence with business unit owners
- Maintain and evolve the risk register as a living document; produce regular risk reporting for leadership
- AI governance framework aligned to the NIST AI RMF — covering model risk assessment, bias considerations, transparency standards, and accountability structures
- Build and maintain an AI systems inventory with risk ratings; assess new use cases before deployment in partnership with Engineering and Product
- Monitor emerging AI regulatory guidance (HHS, EU AI Act, state-level) and translate into actionable controls
- Manage ongoing HIPAA Privacy and Security compliance programs: gap assessments, remediation tracking, and workforce training coordination
- Support SOC 2 Type II, HITRUST CSF, and other applicable audit cycles
- Support TPRM activities including vendor risk assessments and vendor tiering maintenance
Requirements
What you’ll need
- Bachelor’s degree in Information Security, Healthcare Administration, Computer Science, or related field
- A minimum of 5 years’ experience in GRC, compliance, or information security
- A minimum of 3 years’ experience in healthcare or health-tech industries
- Direct, hands-on experience with the following:
  - Building or significantly maturing a risk register
  - Performing or supporting HITRUST and/or SOC 2 audits
  - HIPAA Privacy/Security Rule compliance programs
  - NIST CSF or ISO 27001
  - AI-specific risk management frameworks such as NIST AI RMF or similar frameworks
- Certifications (Preferred)
  - CISA, CRISC, CISSP, CHC, or CHPC highly desirable
  - HITRUST CCSFP a strong plus
- Technical Skills
  - Proficiency with a GRC platform (Vanta, Drata, ServiceNow GRC, OneTrust, or equivalent)
  - Working knowledge of AI/ML risk concepts and the NIST AI RMF
  - Experience with third-party risk tools and structured vendor assessment workflows
  - Ability to read, interpret, and operationalize regulatory guidance
Benefits
Comp & perks
- Medical Insurance
- Dental Insurance
- Vision Insurance
- Short & Long Term Disability
- Life Insurance
- 401k with company match
- Flexible Time Off
- Paid Parental Leave
ATS Keywords
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
- risk identification
- risk taxonomy
- likelihood scoring
- impact scoring
- risk reporting
- HIPAA compliance
- NIST CSF
- HITRUST
- AI risk management
- vendor risk assessments
Soft Skills
- communication
- organizational
- leadership
- collaboration
- problem-solving
Certifications
- CISA
- CRISC
- CISSP
- CHC
- CHPC
- HITRUST CCSFP