Lead IT Security GRC Analyst

Position: Lead IT Security GRC Analyst

Monogram Health is actively seeking an accomplished and motivated Lead IT Security Governance Risk and Compliance (GRC) Analyst who shares our commitment to information security as a cornerstone in safeguarding our organization. The Lead IT Security GRC Analyst will be part of a fast-paced environment that pushes you to learn while doing. This role needs to be both strategic and intensely focused on GRC with an emphasis on process, scalability, and automation to ensure our security posture aligns seamlessly with business objectives. We value experience in collaborating with key stakeholders, understanding regulatory requirements, and implementing effective security strategies.

The Lead IT Security GRC Analyst will serve as the process owner for all ongoing activities related to the availability, integrity and confidentiality of the patient, provider, employee and business information in compliance with Monogram Health's Information Security policies and procedures. This is a team-oriented group that works together to implement and manage security controls, tools and processes. The successful candidate will be curious, creative, and highly interested in the latest security developments. This role is based in the Brentwood, TN office.

Responsibilities

- Lead security risk management efforts
- Contribute to the development of the organization's overall security strategy and provide strategic input for security initiatives and projects
- Lead and mentor a team of GRC security professionals
- Develop security awareness materials and manage phishing simulation
- Anticipate security threats that generate alerts, incidents, and disasters and recommend controls to reduce their likelihood
- Develop, implement, and maintain risk mitigation strategies and action plans with key stakeholders
- Monitor and report on risk metrics and trends
- Prepare reports that document security incidents and breaches and the extent of the damage caused by the breaches
- Collaborate with the Compliance Department to ensure Monogram Health’s compliance with relevant laws, regulations, certifications, assessments, and industry standards
- Facilitate third-party security assessments and audits, such as HIPAA security risk assessments and HITRUST assessments
- Assess, manage, maintain, and enhance the third-party vendor risk management program and ensure third-party compliance with security standards
- Collaborate with other departments to integrate security into business processes
- Identify and implement continuous improvement initiatives within the security GRC function to enhance security posture
- Stay informed about industry trends and best practices
- Assist in incidents and security breaches to determine root causes
- Lead annual policies and procedures reviews and updates

Position Requirements

- Bachelor's degree
- Minimum of three (3) years of experience in information security governance, risk, and compliance and AI security and data privacy governance and controls implementation
- Familiarity with industry standards and regulations including PCI, HIPAA, NIST, HITRUST, and ISO 27007
- Demonstrated interpersonal, verbal, and written communication skills
- Working knowledge of and experience in the policy and regulatory environment of information security, especially in healthcare is preferred
- Demonstrated entrepreneurial spirit, humility, and comfort working in and contributing to a dynamic and cross-functional team environment
- Keep constantly updating job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
- CISSP, CISM, CISA, CRISC certifications or like preferred

Benefits

- Comprehensive Benefits – Medical, dental, and vision insurance, employee assistance program, employer-paid and voluntary life insurance, disability insurance, plus health and flexible spending accounts
- Financial & Retirement Support – Competitive compensation, 401k with employer match, and financial wellness resources
- Time Off & Leave – Paid holidays, flexible vacation time/PSSL, and paid parental leave
- Wellness & Growth – Work life assistance resources, physical wellness perks, mental health support, employee referral program, and BenefitHub for employee discounts

About Monogram Health

Monogram Health is a leading multispecialty provider of in-home, evidence-based care for the most complex of patients who have multiple chronic conditions. Monogram Health takes a comprehensive and personalized approach to a person’s health, treating not only a disease, but all of the chronic conditions that are present - such as diabetes, hypertension, chronic kidney disease, heart failure, depression, COPD, and other metabolic disorders.

Monogram Health employs a robust clinical team, leveraging specialists across multiple disciplines including nephrology, cardiology, endocrinology, pulmonology, behavioral health, and palliative care to diagnose and treat health issues; review and prescribe medication; provide guidance, education, and counselling on a patient’s healthcare options; as well as assist with daily needs such as access to food, eating healthy, transportation, financial assistance, and more. Monogram Health is available 24 hours a day, 7 days a week, and on holidays, to support and treat patients in their home.

Monogram Health’s personalized and innovative treatment model is proven to dramatically improve patient outcomes and quality of life while reducing medical costs across the health care continuum.