Senior GRC Analyst

🇺🇸 New York City, New York
$1K - $2K Annual
Posted Just posted
Expires August 28, 2026

Garner Health is a rapidly growing healthcare technology company dedicated to transforming the healthcare economy by delivering high-quality and affordable care for all. The company partners with employers to redesign healthcare benefits using clear incentives and data-driven insights, guiding employees to higher-quality, lower-cost care. As a Senior GRC Analyst, you will join the Technical Compliance team to ensure Garner's compliance across security frameworks such as ISO 27001, SOC 2, HITRUST, and HIPAA. This role is open to remote candidates across the U.S., with a hybrid schedule for those based in New York City.

In this position, you will manage and support compliance certifications, including SOC 2, HITRUST, and ISO 27001 audits, and conduct control testing throughout the audit lifecycle. You will serve as the subject matter expert on compliance frameworks, act as the primary point of contact for external auditors, and maintain Garner's Security and Privacy trust center. Additionally, you will oversee the risk register, drive risk identification and reporting, manage the maintenance of compliance policies and procedures, and report on compliance posture to senior leadership. A key aspect of this role is to scale the GRC function with AI and automation, collaborating with Engineering to automate repetitive tasks.

The ideal candidate will have over five years of experience in GRC, IT audit, or information security compliance, with prior experience in HITRUST, SOC 2, and ISO 27001 audits. Hands-on experience with control design, evidence collection, and remediation in a cloud-native engineering environment is essential. Strong communication skills are required to effectively interact with engineers, operators, and executives. A GRC Engineering mindset with experience using scripting and large language models to automate tasks is preferred. Industry certifications such as CISA, CISM, CISSP, CRISC, or ISO 27001 Lead Auditor are advantageous.

Compensation for this role includes a target salary range of $132,000 to $165,000, with individual compensation depending on qualifications and applicable laws. In addition to base compensation, the position offers participation in equity incentives and a competitive benefits package, including flexible paid time off, medical, dental, and vision plan options, 401(k), and Teladoc Health services.

Garner Health fosters a mission-driven culture focused on transforming the healthcare system. The company values high performance, individual accountability, and authentic feedback. Employees describe the environment as empathetic and supportive, emphasizing relationship-building and trust. Garner Health offers opportunities for career growth and development, promoting a high-performing team where everyone is expected to deliver exceptional results.
