Security Analyst - GRC

Company Overview:

Blink Health is the fastest growing healthcare technology company that builds products to make prescriptions accessible and affordable to everybody. Our two primary products- BlinkRx and Quick Save - remove traditional roadblocks within the current prescription supply chain, resulting in better access to critical medications and improved health outcomes for patients.

BlinkRx is the world's first pharma-to-patient cloud that offers a digital concierge service for patients who are prescribed branded medications. Patients benefit from transparent low prices, free home delivery, and world-class support on this first-of-its-kind centralized platform. With BlinkRx, never again will a patient show up at the pharmacy only to discover that they can't afford their medication, their doctor needs to fill out a form for them, or the pharmacy doesn't have the medication in stock.

We are a highly collaborative team of builders and operators who invent new ways of working in an industry that historically has resisted innovation. Join us!

Job Overview

We are seeking a detail-oriented and proactive Security Analyst- GRC (Governance, Risk, and Compliance) to join our Information Security team. The Security Analyst will play a pivotal role in ensuring the organization's adherence to regulatory requirements, identifying and mitigating risks, and enhancing governance processes. This position will collaborate with cross-functional teams to maintain a strong security posture and align our operations with industry standards.

Key Responsibilities

• Develop and maintain information security policies, standards, and procedures in line with industry best practices and frameworks.
• Monitor compliance with policies and procedures across departments and provide recommendations for improvement.
• Collaborate with internal stakeholders to support security awareness and training programs.
• Assist in conducting risk assessments and evaluating the effectiveness of existing controls.
• Document, and track risks, including mitigation plans and residual risks.
• Coordinate with stakeholders to ensure timely remediation of identified risks.
• Monitor compliance with applicable laws, regulations, and standards such as HIPAA, PCI DSS.
• Assist with internal and external audits by preparing documentation, evidence, and responses.
• Assist with third party security penetration tests.
• Stay informed about emerging compliance requirements and ensure the organization adapts accordingly.
• Assist in maintaining and enhancing GRC tools and platforms.
• Prepare regular reports and dashboards for leadership on governance, risk, and compliance status.
• Monitor and triage security alerts.
• Participate in incident response and business continuity planning efforts as needed.
• Work with Enterprise Security, Application Security, and Cloud Security team members
• Maintain the security center of excellence.

Required Qualifications

• Bachelor's degree in Information Security, Cybersecurity, Computer Science, Business Administration, or a related field.
• 3+ years of experience in GRC, risk management, compliance, or a related role.
• Familiarity with GRC frameworks such as ISO 27001, NIST CSF, SOC 2, or COBIT.
• Understanding of regulatory requirements like HIPAA and PCI DSS.
• Proficiency in GRC tools and platforms.
• Strong analytical, organizational, and communication skills.

Why Join Us:

It is rare to have a company that both deeply impacts its customers and is able to provide its services across a massive population. At Blink, we have a huge impact on people when they are most vulnerable: at the intersection of their healthcare and finances. We are also the fastest growing healthcare company in the country and are driving that impact across millions of new patients every year. Our business model not only helps people, but drives economics that allow us to build a generational company. We are a relentlessly learning, constantly curious, and aggressively collaborative cross-functional team dedicated to inventing new ways to improve the lives of our customers.

We are an equal opportunity employer and value diversity of all kinds. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Applicants who provide their phone number and consent to receive text messages may receive SMS or MMS updates from Blink Health regarding their application.