GRC Third Party Risk Analyst
About Ro
Ro is the healthcare technology company building a patient-centric healthcare system. Ro's vertically-integrated primary care platform powers a personalized, end-to-end healthcare experience from diagnosis, to delivery of medication, to ongoing care. With a nationwide provider network, in-home care API, and proprietary pharmacy distribution centers, Ro is the only company to seamlessly connect telehealth and in-home care, diagnostics, and pharmacy services nationwide to provide high-quality, affordable healthcare without the need for insurance. Since 2017, Ro has facilitated more than six million digital healthcare visits in nearly every county in the United States, including 98% of primary care deserts. Ro also provides its patient-centric solutions including Workpath, its in-home care API, and Kit, its at-home diagnostic testing service, to other healthcare companies. Visit Ro.co for more information.
Ro was named #2 in Wellness on Fast Company's 2019 list of the World's Most Innovative Companies, listed by Inc. Magazine as a Best Place to Work in 2020 and 2021, and named one of FORTUNE's 2021 Best Workplaces In Health Care.
The Governance Risk and Compliance Third Party Analyst role will support Ro’s CISO, Director of GRC by participating in the implementation of our GRC tools bringing their Risk and Compliance experience into the conversation and guiding the implementation team toward best practice. Nested under our CISO organization, the GRC team is Ro’s center of gravity for all matters Third Party Risk Management. Within GRC, the GRC Third Party Risk Analyst is the primary point of contact for our Third-Party Risk Management program.
*This role has the ability to sit out of our NYC office once safe to do so or remote*
• 4+ Years of Third-Party Risk Management assessment experience
• GRC tool experience (Archer, etc.)
• In-depth knowledge of control frameworks
• Bachelor’s degree or equivalent experienced
• CISA, CISM, CRISC certifications a plus
• Supports development of information security risk and compliance processes to ensure treatment of cybersecurity risk are aligned with Ro’s risk appetite including the assessment of internal and external processes, systems, applications and services.
• Advise on the impact of privacy requirements and industry best practices to identify impact to business and technology initiatives
• Facilitates the overall third-party risk and contracting process
• Full medical, dental, and vision insurance + OneMedical membership
• Healthcare and Dependent Care FSA
• Commuter benefits
• 401(k)
• Flexible PTO
• Fitness reimbursement
• Paid maternity/parental leave
• A never-ending supply of office snacks + coffee + tea
• The cutest office dog you’ve ever seen
We welcome qualified candidates of all races, creeds, genders, and sexuality to apply.
See our California Privacy Policy here.