Aledade, Inc.

Security Engineer II (GRC), Remote

Aledade, Inc.  •  United States (Remote)  •  1 month ago

Job Description

We're looking for someone with solid expertise in GRC frameworks, risk assessment methodologies, and compliance standards. You'll leverage this knowledge to:
1. Design, implement, and maintain robust governance, risk, and compliance processes, ensuring adherence to healthcare security standards including HIPAA, HITRUST, and SOC2.
2. Collaborate cross-functionally with various teams to align GRC solutions with organizational security requirements, facilitating compliant and efficient operations across the enterprise.
3. Drive impactful compliance outcomes that directly strengthen our regulatory posture and support our critical security attestation initiatives.
Your ability to partner effectively across teams will be crucial in this role as we continue to mature our GRC capabilities.

Primary Duties:

  • Working cross-functionally to design, build, and operate GRC solutions that improve and mature our compliance capabilities.
      a. Implement and optimize security questionnaire and trust assessment workflows
      b. Develop automated compliance monitoring and reporting mechanisms
      c. Design scalable GRC processes that support business growth

  • Leveraging data and risk analytics to understand compliance trends, metrics, and opportunities to improve our security posture, researching regulatory requirements, and then making recommendations to address compliance gaps with stakeholders.
      a. Analyze security assessment results and third-party risk evaluations
      b. Track and report on key risk indicators and compliance metrics
      c. Research emerging GRC requirements and industry best practices

  • Supporting and enhancing incident/issues response efforts from a compliance perspective, contributing to analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and regulatory adherence
      a. Assess compliance implications of security incidents
      b. Support breach notification and regulatory reporting requirements
      c. Coordinate with legal and compliance teams on incident response

  • Helping craft and refine GRC documentation pertinent to our Security Program, such as policies, standards, risk assessments, and compliance procedures
      a. Maintain security questionnaire response repository and knowledge base
      b. Develop and update GRC policies, procedures, and control documentation
      c. Create compliance training materials and guidance documents

Minimum Qualifications:

  • BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field.
  • 2+ years combined experience as a security or GRC professional in an enterprise environment (preferably healthcare or highly regulated industry).
  • Experience in Governance, Risk, and Compliance functions, including hands-on experience with GRC frameworks (SOC2, HIPAA, HITRUST, NIST).

Preferred Knowledge, Skills and/or Abilities:

  • Domain Specific KSAs - Governance, Risk, and Compliance (GRC)
  • Knowledge of GRC frameworks and regulations (SOC 2, HIPAA, SOX/ITGC, HITRUST, CPRA, NIST, ISO 27001).
  • Skilled in leveraging GRC platforms (e.g., Vanta, OneTrust) to automate compliance and streamline controls monitoring.

Physical Requirements:

  • Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.

Who We Are:

Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of health plans, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.

What Does This Mean for You?

At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.

In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:

  • Flexible work schedules and the ability to work remotely are available for many roles
  • Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
  • Robust time-off plan (21 days of PTO in your first year)
  • Two paid volunteer days and 11 paid holidays
  • 12 weeks paid parental leave for all new parents
  • Six weeks paid sabbatical after six years of service
  • Educational Assistant Program and Clinical Employee Reimbursement Program
  • 401(k) with up to 4% match
  • Stock options
  • And much more!

At Aledade, we don’t just accept differences, we celebrate them! We strive to attract, develop and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer. Employment policies and decisions at Aledade are based on merit, qualifications, performance and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.

Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at https://www.aledade.com/privacy-policy-applicants
About Aledade, Inc.

Aledade is the largest network of independent primary care, enabling clinicians to deliver better patient outcomes and generate more savings revenue through value-based care. Aledade’s data, personal coaching, user-friendly workflows, health care policy expertise, strong payer relationships and integrated care solutions enable primary care organizations to succeed financially by keeping people healthy. Together with more than 2,400 practices and community health centers in 46 states and the District of Columbia, Aledade manages accountable care organizations that share in the risk and reward across more than 200 value-based contracts representing nearly 3 million patient lives. To learn more, visit www.aledade.com.

  • Industry: Healthcare & Social Services
  • Company Size: 1,001-5,000 employees
  • Headquarters: Bethesda, Maryland
  • Year Founded: 2014