Welcome to the new standard of healthcare! Premise Health is the world’s leading healthcare access provider. We deliver purpose-driven career experiences in a culture-centric work environment—ensuring that employees at the nation's best companies get, stay, and be well. In a changing healthcare environment, we know there's a better way for organizations to help their people live healthier lives by delivering the right care at the right time, right where they work. Partnered with visionary organizations around the globe, we offer a broad range of healthcare services and deliver an effortless patient experience that raises the bar, lowers costs, and redefines the meaning of quality care. By shifting the conversation from cost to return and from treatment to prevention, we are committed to help people, their families, and the organizations they work for be at their best. We are looking for a Risk and Compliance Analyst to work at our Corporate office in Brentwood, TN ! If you possess a “whatever it takes attitude” keep reading. It’s hard to pinpoint a “typical” day here (and who wants typical anyway?), but as the Risk and Compliance Analyst, you will be a member of Premise Health’s IT Governance, Risk, & Compliance (GRC) team, the GRC Risk & Compliance Analyst supports the organization’s growth and strategy functions by working with the GRC Risk & Compliance Manager to oversee internal and external risk management, compliance, and assessment efforts including continual performance improvement. What You’ll Do for Us: Utilizes risk management and governance tools; recommends additional toolsets or features Manages input or data quality in risk management and governance systems Assists with on-site risk assessments Conducts external risk assessments for compliance with HITRUST, HIPAA, and PCI frameworks Develops and implements strategies for HITRUST and other compliance framework accreditation Maintains policies and procedures and facilitates review processes Collects and registers risk-related data from internal and external sources Assists with measuring the success and effectiveness of controls through facilitation of control attestations Writes compliance assessment reports including evidence-based recommendations for remediation tracking Coordinates compliance requirements with internal control owners in preparation for assessments Provides subject matter expertise on compliance framework accreditation (e.g. HIPAA, HITRUST, etc.); educates stakeholders on requirements Maintains IT Security education, training, and awareness programs Education: Bachelor’s degree from an accredited university or equivalent work experience CISA or CISSP is strongly preferred. Certification will be required for candidates who do not currently possess it. Experience: 2-4 years of experience in IT security/risk management, project management, or implementations (health care industry a plus) Experience evaluating and implementing tools to support GRC programs Knowledge and Skills: Knowledge of emerging trends tools, methodologies and best practices in information technology and security Knowledge of IT risk controls and compliance frameworks (e.g. SOC2, ISO 27001, NIST 800 series, ITIL) Knowledge of risk management theory, industry best practices, and quality frameworks (e.g. ISO, Lean Six Sigma, CMMi and ITIL) Working knowledge of key compliancy regulations and requirements (e.g. HIPAA, HITRUST, SOC2, and PCI-DSS) Strong working knowledge and application of Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint) Exceptional written, presentation and oral communication skills Ability to work with teams and management on complex projects Ability to work in a team-oriented, collaborative environment Ability to learn and research new concepts, ideas, and technologies quickly Ability taking a concept from idea to completion What We’ll Do for You: At Premise Health, you’re not an employee – you’re a team member. We have health centers, pharmacies, fitness centers and offices scattered across the country, but we’re all working together to deliver exemplary and delightful service to our clients, their employees and family members. We’re proud of the culture we’ve built, and we aim to assist our team members in living their best life – in and out of the workplace. That’s why you’ll find us taking a yoga class together or starting a book club. We know that we can only help people get, stay, and be well if we do the same for ourselves. We’re also not afraid to share what we’re up to – check out some of our smiling faces. As an employer, we want to compensate you for the work you do with more than a paycheck (although you’ll get one of those too). Premise Health offers competitive benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, and a company-sponsored wellness program. We are an equal opportunity employer of nice people and value inclusion at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.