Governance, Risk, and Compliance Senior Analyst, SWORD Health

• 5+ years of hands-on experience in Information Security certifications with proven success leading complex frameworks like SOC 2, ISO 27001, PCI-DSS, and HITRUST independently
• Demonstrated experience in conducting and leading audits and maintaining compliance in highly regulated and complex environments such as Healthcare and AI
• Excellent communication and leadership skills, with a demonstrated ability to mentor junior team members and communicate compliance requirements effectively to non-technical audiences
• Strong analytical and problem-solving skills, with a proactive calculated approach to mitigating compliance risks
• Self-starter approach with the ability to operate with minimal supervision

Desirable

• This is an opportunity for you to make a significant difference on a massive scale as you work alongside 800+ (and growing!) talented colleagues, spanning two continents
• As a GRC Analyst, you will play a pivotal role in ensuring Sword’s compliance with complex regulatory frameworks while driving innovation and efficiency in our Governance, Risk, and Compliance (GRC) programs
• You will take ownership of key compliance initiatives, like SOC 2 and ISO 27001
• This role functions independently to lead audits and improve risk management processes across the organization
• This is an exciting opportunity to join a team where you’ll have a direct impact on safeguarding patient data, managing risk, and ensuring that Sword meets the highest security and compliance standards in the industry
• Leading the implementation and maintenance of key compliance frameworks such as SOC 2, ISO 27001, HITRUST, and PCI-DSS
• Working closely with the Director of Risk and Compliance to continuously improve Sword’s GRC programs, driving initiatives to meet high compliance standards across Healthcare and AI
• Taking full ownership of specific compliance certifications and audits, ensuring timely and effective execution
• Mentoring and supporting junior team members, fostering a culture of continuous learning and improvement in the compliance function
• Conducting comprehensive risk assessments, including third-party vendor risk management, and proposing strategies to mitigate identified risks
• Spearheading internal and external audits for current and future compliance initiatives, ensuring accurate and efficient audit preparation and follow-up
• Developing and enhancing processes related to security questionnaires, client security assessments, and compliance training at all organizational levels

• A stimulating, fast-paced environment with lots of room for creativity
• A bright future at a promising high-tech startup company
• Career development and growth
• The opportunity to work with a talented team and to add real value to an innovative solution with the potential to change the future of healthcare
• A stimulating environment with room for creativity
• A flexible environment where you can control your hours (remotely) with unlimited vacation
• Access to our health and well-being program (digital therapist sessions)
• Remote or Hybrid work policy

Total funding: $327.5m

For a number of reasons including cost, only about 30% of patients complete their physical therapy regimens. This results in millions of people not receiving the full breadth of care they need to reach full recovery. And physical therapy practices are missing out on a massive amount of revenue potential.