Governance Risk & Compliance (GRC) Analyst

As the Governance Risk & Compliance (GRC) Analyst, you will be a critical force in operationalizing and evolving DoseSpot’s security and compliance programs. You’ll collaborate cross-functionally to drive alignment and industry frameworks, proactively manage risk, and build scalable processes that keep us audit-ready and patient data secure. You’ll own day-to-day of compliance operations – from SOC 2 and HITRUST audits, to refining third-party risk assessments, to supporting the transformation of DoseSpot’s compliance program. You will manage risk and vulnerability assessments, validation testing, compliance reviews, and audit in accordance with both NIST and HITRUST standards and support SOC2 and HITRUST audits. You will also manage the development, maintenance, and version control of security policies and standards ensuring compliance with emerging regulations and company practices.