Sr. Info Systems Compliance Analyst

GoodRx is the leading prescription savings platform in the U.S. Trusted by more than 25 million consumers and 750,000 healthcare professionals annually, GoodRx provides access to savings and affordability options for generic and brand-name medications at more than 70,000 pharmacies nationwide, as well as comprehensive healthcare research and information. Since 2011, GoodRx has helped consumers save nearly $75 billion on the cost of their prescriptions. Our goal is to help Americans find convenient and affordable healthcare. We offer solutions for consumers, employers, health plans, and anyone else who shares our desire to provide affordable prescriptions to all Americans.

About the Role

This person has strong IT audit experience and background in the technical implementation of SOC2, NIST / HiTrust and SOX-404. Additional knowledge in privacy frameworks such as NIST privacy and CCPA would be beneficial to the role but not required. As our Senior Compliance Analyst, you support compliance initiatives by engaging various process owners in the design, documentation, implementation, and monitoring of the appropriate IT controls in our computing environments and demonstrating those controls to external auditors. In addition, you are responsible for assisting in the monitoring and oversight of our yearly audits, liaising between control owners, internal audit, and external audit teams. Additionally, this role includes larger projects such as implementation of new frameworks and standards. This position reports into the Compliance Manager. Responsibilities:

• Coordinating walkthrough meetings and evidence collection for external auditors for SOC 2, SOX, and HITRUST audits, through collaboration with control owners.
• Performing risk assessments and audits with limited supervision from management as well as assisting in the overall risk management program
• Capturing and analyzing information to identify key risks and corresponding controls.
• Managing various control frameworks within OneTrust
• HITRUST readiness, including validation of control requirements against current policies, procedures and implementations
• Management of our GRC tool, overseen by the Compliance Manager.
• Write policies and procedures for internal controls.
• Managing the update and review of policies and procedures that are required for our yearly audits through review of applicable laws and regulations and coordination with the larger group.
• Communicating findings and recommendations to management, and assisting in deficiency remediation as part of our annual audits.
• Deliver and management of security training, including phishing campaigns

Skills & Qualifications:

• Bachelor’s degree in Accounting, Finance, Computer Science, or relevant quantitative field.
• 4+ years experience in IT regulation and compliance standards such as SOC 2 NIST, ISO 27001, SOX-404, HiTrust and HIPAA.
• Understanding of IT methodologies, such as software development lifecycle and operations.
• Ability to understand complex technical, cloud-based environments.
• Experience designing/testing/implementing internal controls and reviewing business processes.
• Excellent oral, written and presentation communication skills.

Nice to Have:

• Recognized professional certification(s) (CISA, CISSP, CPA, CIA, CCSP, CFE).
• Experience working for a company in the technology or healthcare industry.
• Experience with NetSuite, Workday, Blackline, JP Morgan, OneTrust, KnowBe4, JIRA, is a plus.

Engineering teams are responsible for supporting appropriate security controls, including management, operational, and technical controls in addition to general GoodRx best practices, such as reading and adhering to the security policies and procedures, being vigilant and observant of potential security threats, etc. At GoodRx, pay ranges are determined based on work locations and may vary based on where the successful candidate is hired. The pay ranges below are shown as a guideline, and the successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, and other relevant business and organizational factors. These pay zones may be modified in the future. Please contact your recruiter for additional information. San Francisco and Seattle Offices: $121,000.00 - $193,000.00 New York Office: $111,000.00 - $177,000.00 Santa Monica Office: $101,000.00 - $161,000.00 Other Office Locations: $91,000.00 - $145,000.00 GoodRx also offers additional compensation programs such as annual cash bonuses or commission, and annual equity grants for most positions as well as generous benefits. Our great benefits offerings include medical, dental, and vision insurance, 401(k) with a company match, an ESPP, unlimited vacation, 13 paid holidays, and 72 hours of sick leave. GoodRx also offers additional benefits like mental wellness and financial wellness programs, fertility benefits, generous parental leave, pet insurance, supplemental life insurance for you and your dependents, company-paid short-term and long-term disability, and more! We’re committed to growing and empowering a more inclusive community within our company and industry. That’s why we hire and cultivate diverse teams of the best and brightest from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has a seat at the table and the tools, resources, and opportunities to excel. With that said, research shows that women and other underrepresented groups apply only if they meet 100% of the criteria. GoodRx is committed to leveling the playing field, and we encourage women, people of color, those in the LGBTQ+ communities, individuals with disabilities, and Veterans to apply for positions even if they don’t necessarily check every box outlined in the job description. Please still get in touch - we’d love to connect and see if you could be good for the role! GoodRx is committed to providing reasonable accommodations for candidates with disabilities during our recruiting process. If you need any assistance or accommodations due to a disability, please reach out to us at [email protected] . We prioritize candidate safety. Please be aware that all official communication will only be sent from @goodrx.com or [email protected] addresses. GoodRx is America's healthcare marketplace. The company offers the most comprehensive and accurate resource for affordable prescription medications in the U.S., gathering pricing information from thousands of pharmacies coast to coast, as well as a tele-health marketplace for online doctor visits and lab tests. Since 2011, Americans with and without health insurance have saved $60 billion using GoodRx and million consumers visit goodrx.com each month to find discounts and information related to their healthcare. GoodRx is the #1 most downloaded medical app on the iOS and Android app stores. For more information, visit www.goodrx.com . Apply tot his job Apply To this Job