Lead IT Security Compliance and Governance Analyst
About Ro
Ro is the healthcare technology company building a patient-centric healthcare system. Ro’s vertically integrated primary care platform powers a personalized, end-to-end healthcare experience from diagnosis, to delivery of medication, to ongoing care. With a nationwide provider network, in-home care API, and proprietary pharmacy distribution centers, Ro seamlessly connects telehealth, diagnostics, and pharmacy services to provide high-quality, affordable healthcare without the need for insurance. Since 2017, Ro has facilitated more than six million digital healthcare visits in nearly every county in the United States, including 98% of primary care deserts. Visit Ro.co for more information.
Ro was named #2 in Wellness on Fast Company’s 2019 list of the World’s Most Innovative Companies, listed by Inc. Magazine as a Best Place to Work in 2020, and earned its Great Place to Work Certification in 2020.
As a Lead IT Security Compliance & Governance Analyst at Ro, you will help lead the effort of identifying and maintaining IT security and compliance practices. You will achieve this by first, working closely with business units such as Legal, Engineering, Product, and Care teams in identifying risks. Second, by providing insightful subject matter expertise, analyses, and countermeasures. Third, you will further extend the growth of an innovative, safety, and privacy-minded healthcare tech culture by helping shape IT Security and compliance initiatives. Additionally, the opportunity at Ro as a Lead IT Security Compliance & Governance Analyst is full spectrum. Your professional development is “choose your own adventure” and genuinely supported.
What You’ll Do:
- Lead and monitor security awareness campaigns to educate the workforce
- Collaborate with Legal, IT, and Security in maintaining and updating company security policies
- Lead assessments and report on IT Security control effectiveness
- Lead IT compliance process improvements and related initiatives
- Lead quantitative risk practices, ongoing risk management, and associated initiatives
- Lead vendor security reviews in collaboration with Legal and technical security analysts teams
What You’ll Bring:
- Growth mindset and an innate passion for learning
- Exceptional communication practices (written, verbal, presentation)
- Security and regulatory compliance domain knowledge (e.g. SOC, HITRUST, ISO, Networks, systems, access controls, app sec, DLP, etc. )
- Minimum of 2 - 3 years of experience
Bonus Skills:
- Security certifications in good standing: EC-Council, ISC2 (CISSP), SANS GIAC, OSCP, etc.
- Startup experience in highly regulated industries such as Healthcare, FinTech, or Defense.
Benefits + Perks:
- Full medical, dental, and vision insurance
- A never-ending supply of office snacks + coffee
- Health FSA
- 401(k)
- Commuter benefits
- Unlimited PTO
- Gym benefits
- Maternity/paternity policy
- The cutest office dog you’ve ever seen
We welcome qualified candidates of all races, creeds, genders, and sexuality to apply.
See our California Privacy Policy here.