About The Position

As a Security Engineer II on the Governance, Risk, and Compliance (GRC) team, you will be the primary engine driving our Security Questionnaire and Trust Assessment program. This is a critical role where you act as the bridge between our security posture and our external partners. You will lead the end-to-end process for inbound security assessments from our healthcare partners and outbound assessments of our vendor ecosystem. You will translate Aledade’s complex technical architecture into clear, compliant, and persuasive responses that demonstrate our commitment to HIPAA, HITRUST, and NIST standards.

Requirements

  • 3 - 5 years of experience in Governance, Risk, and Compliance, Information Security or related fields.
  • Practical experience working with SOC2, HIPAA, SOX/ITGC, HITRUST, and CPRA.
  • Demonstrated experience preparing organizations for external audits and regulatory certifications.
  • Hands-on experience with GRC platforms (e.g., Vanta, OneTrust, Archer, or similar).

Nice To Haves

  • Knowledge of GRC frameworks and regulations (SOC 2, HIPAA, SOX/ITGC, HITRUST, CPRA, NIST, ISO 27001).
  • Skilled in leveraging GRC platforms (e.g., Vanta, OneTrust) to automate compliance and streamline controls monitoring.

Responsibilities

  • Customer Trust & Enablement: Manage the end-to-end lifecycle of inbound security questionnaires from partner physician practices. Ensure responses are technically accurate, timely, and reflect our latest security posture.
  • Third-Party Risk Management (TPRM): Lead security evaluations for Aledade’s vendors. Analyze SOC2 reports, penetration test results, and self-assessments to ensure our supply chain meets our rigorous healthcare security standards.
  • Knowledge Base Mastery: Maintain and optimize our security response repository. You’ll ensure our "Source of Truth" is updated as our infrastructure evolves.
  • Process Optimization: Identify bottlenecks in the assessment workflow and implement scalable solutions, such as self-service "Trust Centers" for partners, to reduce the manual overhead of the GRC function.

Benefits

  • Flexible work schedules and the ability to work remotely are available for many roles
  • Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
  • Robust time-off plan (21 days of PTO in your first year)
  • Two paid volunteer days and 11 paid holidays
  • 12 weeks paid parental leave for all new parents
  • Six weeks paid sabbatical after six years of service
  • Educational Assistance Program and Clinical Employee Reimbursement Program
  • 401(k) with up to 4% match
  • Stock options
© 2024 Teal Labs, Inc