Lead IT Security GRC Analyst

Monogram Health, Nashville, TN, United States


Position: Lead IT Security GRC Analyst. Monogram Health is actively seeking an accomplished and motivated Lead IT Security Governance Risk and Compliance (GRC) Analyst who shares our commitment to information security as a cornerstone in safeguarding our organization. The Lead IT Security GRC Analyst will be part of a fast‑paced environment that pushes you to learn while doing. This role needs to be both strategic and intensely focused on GRC with an emphasis on process, scalability, and automation to ensure our security posture aligns seamlessly with business objectives. We value experience in collaborating with key stakeholders, understanding regulatory requirements, and implementing effective security strategies. The Lead IT Security GRC Analyst will serve as the process owner for all ongoing activities related to the availability, integrity and confidentiality of the patient, provider, employee and business information in compliance with Monogram Health’s Information Security policies and procedures. This is a team‑oriented group that works together to implement and manage security controls, tools and processes. The successful candidate will be curious, creative, and highly interested in the latest security developments. This role is based in the Brentwood, TN office.
Responsibilities

Lead security risk management efforts. Contribute to the development of the organization’s overall security strategy and provide strategic input for security initiatives and projects
Lead and mentor a team of GRC security professionals
Develop security awareness materials and manage phishing simulation
Anticipate security threats that generate alerts, incidents, and disasters and recommend controls to reduce their likelihood
Develop, implement, and maintain risk mitigation strategies and action plans with key stakeholders
Monitor and report on risk metrics and trends. Prepare reports that document security incidents and breaches and the extent of the damage caused by the breaches
Collaborate with the Compliance Department to ensure Monogram Health’s compliance with relevant laws, regulations, certifications, assessments, and industry standards
Facilitate third‑party security assessments and audits, such as HIPAA security risk assessments and HITRUST assessments.
Assess, manage, maintain, and enhance the third‑party vendor risk management program and ensure third‑party compliance with security standards
Collaborate with other departments to integrate security into business processes
Identify and implement continuous improvement initiatives within the security GRC function to enhance security posture
Stay informed about industry trends and best practices.
Assist in incidents and security breaches to determine root causes
Lead annual policies and procedures reviews and updates
Position Requirements

Bachelor’s degree
Minimum of three (3) years of experience in information security governance, risk, and compliance and AI security and data privacy governance and controls implementation
Familiarity with industry standards and regulations including PCI, HIPAA, NIST, HITRUST, and ISO 27007
Demonstrated interpersonal, verbal, and written communication skills
Working knowledge of and experience in the policy and regulatory environment of information security, especially in healthcare is preferred
Demonstrated entrepreneurial spirit, humility, and comfort working in and contributing to a dynamic and cross‑functional team environment.
Continually update job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations
CISSP, CISM, CISA, CRISC, or similar certifications preferred
Benefits

Comprehensive Benefits – Medical, dental, and vision insurance, employee assistance program, employer‑paid and voluntary life insurance, disability insurance, plus health and flexible spending accounts
Financial & Retirement Support – Competitive compensation, 401k with employer match, and financial wellness resources
Time Off & Leave – Paid holidays, flexible vacation time/PSSL, and paid parental leave
Wellness & Growth – Work life assistance resources, physical wellness perks, mental health support, employee referral program, and BenefitHub for employee discounts
About Monogram Health

Monogram Health is a leading multispecialty provider of in‑home, evidence‑based care for the most complex of patients who have multiple chronic conditions. Monogram Health takes a comprehensive and personalized approach to a person’s health, treating not only a disease, but all of the chronic conditions that are present, such as diabetes, hypertension, chronic kidney disease, heart failure, depression, COPD, and other metabolic disorders. Monogram Health employs a robust clinical team, leveraging specialists across multiple disciplines including nephrology, cardiology, endocrinology, pulmonology, behavioral health, and palliative care to diagnose and treat health issues; review and prescribe medication; provide guidance, education, and counselling on a patient’s healthcare options; as well as assist with daily needs such as access to food, eating healthy, transportation, financial assistance, and more. Monogram Health is available 24 hours a day, 7 days a week, and on holidays, to support and treat patients in their home. Monogram Health’s personalized and innovative treatment model is proven to dramatically improve patient outcomes and quality of life while reducing medical costs across the health care continuum.
