
IT Compliance, GRC Analyst
LifeMD
full-time
Location Type: Remote
Location: Remote • California, New York • 🇺🇸 United States
Job Level
Mid-Level, Senior
Tech Stack
SDLC
About the role
- **Core Responsibilities**
  - Support SOX and HIPAA controls by helping design, document, and maintain ITGCs and operational controls
  - Maintain documentation such as control narratives, flowcharts, risk and control matrices, and evidence repositories
  - Assist remediation efforts by coordinating with IT and business teams, validating remediation evidence, and tracking closure of deficiencies
  - Perform risk assessments and gap analyses for IT systems that handle PHI and financial data
  - Automate and monitor controls through scheduled reviews, scripts, or tooling to reduce manual effort and improve coverage
  - Support audits and vendor reviews by preparing workpapers, answering auditor questions, and helping with vendor control questionnaires
  - Perform vendor and third-party assessments for SaaS providers, ensuring appropriate controls are in place and evidenced
Requirements
- **Basic Qualifications:**
  - Bachelor’s degree in a related field or equivalent experience
  - Relevant experience with IT controls, IT audit, SOX testing, IT risk, HIPAA, or related functions
  - Practical understanding of HIPAA Security and Privacy requirements and how they apply to IT systems that handle PHI
  - Technical foundation with identity and access management, change management, SDLC, backup and recovery, and logging/monitoring
  - Hands-on experience collecting and organizing audit evidence and documenting control testing procedures
- **Preferred Qualifications:**
  - Relevant certification(s) (CISA, CRISC, CPA, CHPS)
  - Healthcare or healthtech industry experience
  - Written and verbal communication skills with the ability to create concise documentation and explain technical details to nontechnical stakeholders
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Unlimited PTO Policy
- Paid Holidays
- Short Term & Long Term Disability
- Training & Development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
IT controls, IT audit, SOX testing, IT risk, HIPAA, identity and access management, change management, SDLC, backup and recovery, logging/monitoring
Soft skills
written communication, verbal communication, documentation skills, technical explanation
Certifications
CISA, CRISC, CPA, CHPS