Information Security Analyst, GRC jobs in United States
cer-icon
Apply on Employer Site
company-logo

Paytient · 8 hours ago

Information Security Analyst, GRC

positionUnited States
timeFull-time
remoteRemote
seniorityEntry, Mid Level
date2+ years exp

Paytient is on a mission to help people better access and afford care. They are seeking an Information Security GRC Analyst to manage compliance frameworks and ensure security controls are integrated into operational workflows.

Employee BenefitsFinTechHealth CarePayments

Responsibilities

HITRUST and SOC2 Alignment: Manage the alignment of internal policies, procedures, and controls with the HITRUST CSF and SOC2. Contribute to the design and implementation of robust security controls across the organization
Policy Governance: Collaborate with stakeholders to draft and update information security policies and standards, ensuring they are well-designed and meet stringent requirements
Audit Facilitation: Act as a primary participant in SOC2 and HITRUST assessments and audits, managing evidence gathering, documentation, and technical interaction with external auditors
Control Validation: Work closely with IT and Security teams to verify that controls are designed correctly and operating effectively within our environment
Risk & Vulnerability Tracking: Assist in identifying vulnerabilities and participate in risk assessments for proposed business changes to ensure they do not compromise our compliance posture
Vendor Management: Facilitate the Vendor Management Program by performing third party risk reviews for a broad range of technology vendors and reporting risk findings to technology stakeholders

Qualification

HITRUST CSFSOC2Risk ManagementInformation SecurityVendor ManagementTechnical AcumenJiraGoogle WorkspaceGRC PlatformsWritten Communication

Required

Verifiable experience leading or playing a high-level role in a successful Information Security GRC program that encompasses vendor lifecycle management, alignment with compliance frameworks, and risk management
2+ years in Information Security, IT Audit, or a Security GRC role
A strong understanding of networking, operating systems, cloud security, and encryption
An in-depth knowledge of HITRUST CSF and SOC2 and a working knowledge of NIST and ISO 27001
Exceptional written communication skills with the ability to create clear, accurate documentation that stands up to auditor scrutiny
Experience with Jira, Google Workspace, and GRC platforms such as Vanta, Drata, or similar products

Benefits

Medical, dental and vision insurance
$4,400 annual HSA contribution
Paytient Health Payment Account (HPA)
Monthly lifestyle spending stipend
Five weeks of annual PTO
Week-long fully paid 'summer break' for all employees!
Ten weeks of bonding leave for new parents
Two weeks of caregiver leave
Employer paid short-term and long-term disability
401k plan access with a 4% employer match
Stock options in Paytient

Company

Paytient

twittertwittertwitter
company-logo
Paytient helps people make better healthcare decisions by improving their ability to pay for care.
dateFounded in 2018
location
Columbia, Missouri, USA
people-size51-200 employees
web-link
https://www.paytient.com

Funding

Current Stage
Growth Stage
Total Funding
$102.9M
Key Investors
Trinity CapitalMercato PartnersSilicon Valley Bank
2025-06-03Series C· $40M
2023-01-10Series B· $33M
2023-01-10Debt Financing· $7.5M

Leadership Team

leader-logo
Brian Whorley
Founder, CEO
linkedin
D
Daniel Lynn
Chief Technology Officer
linkedin

Recent News

PR Newswire
Paytient and Mark Cuban Cost Plus Drug Company Team Up to Help People Find--and Pay for--Lower-Cost Prescriptions
2025-09-12
Morningstar.com
Weekly Recap: 12 Health Press Releases You Need to See
2025-09-12
MedCity News
Healthcare Moves: A Monthly Summary of Hires, Exits and Layoffs
2025-09-01
Company data provided by crunchbase