Senior Security Compliance Analyst
Minneapolis, MN
Full Time Senior-level / Expert USD 104K - 145K
RVO Health
The RVO Health portfolio helps nearly 100 million people a month seek health information, find doctors, save money, and effectively manage their health and wellbeing. Our family of industry-leading websites, products and services help guide...
AT A GLANCE
RVO Health is a first-of-its-kind comprehensive consumer healthcare platform that meets people where they are in their personal journeys and connects them with both the information and the care they need. RVO Health is a partnership between Red Ventures and UnitedHealth Group. Together we’re focused on delivering on our vision of a stronger and healthier world. RVO Health has the largest consumer health and wellness audience online. Every month, we help nearly 100 million people take steps on their daily journey to lifelong well-being.
As part of our RVO Health Security team, you will design and execute strategic GRC initiatives that drive risk reduction across the organization. You will work in a collaborative Agile environment, working closely with the business, IT, legal, privacy, and engineering teams. You will apply your skills in a highly dynamic, innovative, cloud-native environment with a strong security-minded culture.
Where You'll Be
To prioritize togetherness, culture, and accountability, RVO Health operates on a hybrid in-office work schedule. We expect employees to work from our Minneapolis office Tuesday, Wednesday and Thursday each week. You are welcome to work remotely Mondays and Fridays if you wish.
11000 Optum Cir Eden Prairie, MN 55344
What You’ll Do
- Develop, implement, and maintain a comprehensive GRC program to ensure compliance with relevant laws, regulations, and industry standards (e.g., HIPAA, PCI DSS).
- Conduct risk assessments, identify potential vulnerabilities, and recommend mitigation strategies to protect the organization's assets and data.
- Collaborate with cross-functional teams, including IT, Legal, and Privacy, to achieve successful external audits and to ensure consistent application of GRC policies and procedures across the organization.
- Review and enhance the output of automation systems for security questionnaires and 3rd party vendor assessments.
- Develop and deliver training programs to educate employees on GRC policies, procedures, and best practices.
- Prepare reports and presentations for senior management, highlighting compliance status, risk exposure, and recommended actions.
What We’re Looking For
- Bachelor's degree in a relevant field or equivalent experience.
- Minimum 5 years of experience in a GRC role, preferably in the healthcare industry.
- In-depth knowledge of GRC frameworks, standards, and best practices (e.g., COBIT, NIST, ISO).
- Experience in conducting audits and developing audit plans (e.g., SOC2, HITRUST).
- Strong analytical and problem-solving skills, with the ability to interpret complex regulations and translate them into practical solutions.
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels.
- Proven project management and organizational skills, with the ability to prioritize and manage multiple workstreams simultaneously.
Nice to Have
- Professional certifications in relevant areas (e.g., CISA, CRISC, CISSP, CGRC).
- Experience with GRC software tools and automation (e.g., Vanta, KnowBe4).
- Knowledge of data privacy and security regulations (e.g., CCPA).
Pursuant to various state Fair Pay Acts, below is a summary of compensation elements for this role at the company. The following benefits are provided by RVO Health, subject to eligibility requirements.
- Starting Salary: $104,000 - $145,000
*Note: actual salary is based on geographic location, qualifications and experience
- Access to a Free Udemy for Business subscription—thousands of hours of learning content on hundreds of different subjects at your fingertips
- Health Insurance Coverage (medical, dental, and vision)
- Life Insurance
- Short and Long-Term Disability Insurance
- Flexible Spending Accounts
- Paid Time Off
- Holiday Pay
- 401(k) with match
- Employee Assistance Program
- Paid Parental Bonding Benefit Program
- Pharmacy Benefits
- Income Protection Plans
- Pet Services Plans
- Mental Health Support
- Wellness Coaching
- HSA (Health Savings Account)
- Commuter Benefits
- Gym & Fitness Center Discount Program
Who We Are:
Founded in 2022, RVO Health is a new healthcare platform of digital media brands, services and technologies focused on building relationships with people throughout their health & wellness journey. We meet people where they are in their personal health journeys and connect them with both the information and the care they need. RVO Health was created by joining teams from both Red Ventures and UnitedHealth Group’s Optum Health. Together we’re focused on delivering on our vision of a stronger and healthier world.
RVO Health is comprised of Healthline Media (Healthline, Medical News Today, Psych Central, Greatist and Bezzy), Healthgrades, FindCare and PlateJoy; Optum Perks, Optum Store and the virtual coaching platforms Real Appeal, Wellness Coaching, and QuitForLife.
We offer competitive salaries and a comprehensive benefits program for full-time employees, including medical, dental and vision coverage, paid time off, life insurance, disability coverage, employee assistance program, 401(k) plan and a paid parental leave program.
RVO Health is an equal opportunity employer that does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or any other basis protected by law. Employment at RVO Health is based solely on a person's merit and qualifications.
We are committed to providing equal employment opportunities to qualified individuals with disabilities. This includes providing reasonable accommodation where appropriate. Should you require a reasonable accommodation to apply or participate in the job application or interview process, please contact accommodations@rvohealth.com.
We do not provide visa sponsorship for this role at this time.
RVO Health Privacy Policy: https://rvohealth.com/legal/privacy
Tags: Agile Audits Automation CCPA CISA CISSP Cloud COBIT Compliance CRISC HIPAA HITRUST NIST PCI DSS Privacy Risk assessment SOC 2 Vulnerabilities
Perks/benefits: 401(k) matching Career development Competitive pay Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Wellness