GRC Analyst- Compliance

• Information Technology • 11497 • 1516 Cotner Avenue, Los Angeles, California, US, 90025; Owings Mills, Maryland • Full-Time • Remote • USD $70,000.00/Yr. • USD $90,000.00/Yr. Artificial Intelligence; Advanced Technology; The very best in patient care. With decades of expertise, RadNet isLeading Radiology Forward. With dynamic cross-training and advancement opportunities in a team-focused environment, the core of RadNet’s success is its people with the commitment to a better healthcare experience. When you join RadNet as aGovernance, Risk and Compliance Analyst, you will be joining a dedicated team of professionals who deliver quality, value, and access in the 21st century and align all stakeholders- patients, providers, payors, and regulators to achieve the best clinical outcomes. You Will: • Evaluate IT systems, processes, and policies against regulatory requirements and industry standards. • Stay informed on evolving regulations, industry standards, and best practice in IT compliance. • Develop, update, and maintain IT policies, procedures, and guidelines in alignment with industry standards, compliance frameworks, and regulatory requirements (e.g., SOC 2, ISO 27001, NIST, HIPAA, GDPR, SOX). • Support internal stakeholders in understanding and implementing compliance requirements. • Work with IT Cyber and Security teams, Compliance, Legal, Internal Audit, and External Auditors, as well as act as a member of RadNet’s IS Policies and Procedures Committee. • Work closely with key stakeholders to conduct business impact assessments across multiple areas of the business. • Maintain RadNet’s enterprise risk register. • Conduct risk assessments to identify, analyze, and mitigate security and compliance risks. • Assist in third-party vendor risk management (VRM) by evaluating security controls and compliance posture. • Align policies and procedures with documentation requirements for all required compliance frameworks. • Identify process and procedure gaps between current IT practices and compliance requirements, and collaborate with internal stakeholders to develop and implement necessary workflows. • Support internal and external audits (SOC 1&2, HIPAA, SOX etc.) by gathering evidence and ensuring control effectiveness. • Coordinate with cross-functional teams to address compliance gaps and implement corrective actions. • Document audit compliance activities and track remediation efforts to completion. • Work closely with key stakeholders and system owners in the ongoing development of BC/DR plans. • Regularly update and test BC/DR plans to ensure readiness in the event of an incident. • Help ensure BC/DR documentation aligns with operational resilience requirements. • Support initiatives related to data security awareness training. • Assist in the development of security awareness programs to educate employees on security best practices. • Collaborate with IT security and compliance teams to ensure secure data handling and protection measures. Collaborate with Compliance Team to develop, track, and report on Security related training initiatives. • Create and maintain data flow diagrams and workflow diagrams as needed to support security, compliance, and operational initiatives. • Collaborate with IT and business teams to ensure diagrams accurately represent current processes and data flows. If You Are: • Exercise sound judgement and an ability to remain professional in all situations. • You demonstrate effective and professional communication, interpersonal skills and respect with patients, guests & colleagues. • You have a structured work-approach, understand complex problems and you are able to prioritize work in a fast-paced environment. To Ensure Success in This Role, You Must Have: • College education or work experience in a related field is required. • Strong understanding of risk assessment methodologies and risk mitigation strategies. • Previous experience in a GRC, IT security, risk management, or compliance role. • Ability to translate technical or complex concepts into user-friendly language. • Ability to collaborate, working closely with both functional and technical teams. • Ability to remain flexible as priorities change, adaptable to change, and able to accept ambiguity. • Ability to work independently and within a team environment. • Familiarity with compliance frameworks such as SOC 2, ISO 27001, NIST, HIPAA, GDPR, PCI-DSS. • Ability to communicate compliance and security concepts to both technical and non-technical audiences. • Experience in a regulated industry such as healthcare, finance, or technology. • Experience with GRC tools (e.g., Cybersaint, Archer, LogicGate). • CISSP, CISA, CRISC, CRCP certifications are a plus. • Strong understanding of application, operating system and database security controls. • Strong analytical skills. • Excellent communication skills including speaking in front of others. • Must be meticulously organized and self-motivated. • Writing skills, a must. • Strong interpersonal skills. • Ability to bring projects to completion. • Proven ability to work independently with minimal supervision. • Willingness to do some travel, 10% of time. We Offer: • Comprehensive Medical, Dental and Vision coverages. • Health Savings Accounts with employer funding. • Wellness dollars • 401(k) Employer Match • Free services at any of our imaging centers for you and your immediate family. #corpwest #compliance #grc #cissp #cisa #crcp #soc1 #soc2 We are a Equal Employment Opportunity employer. Our policy is to provide equal employment opportunities to all applicants and employees without regard to race, religion, creed, color, national origin, citizenship, ancestry, physical or mental disability, legally protected medical condition (cancer-related or genetic characteristics or any genetic information), marital status, sex, gender, sexual orientation, gender identity, gender expression, pregnancy, age, military and/or veteran status or any other basis protected by applicable law. If you need a reasonable accommodation for any part of the employment process (including the application, any testing, or interview process), please contact us by email atTalent Acquisition Departmentand let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. We encourage all qualified individuals to apply for employment. We consider for employment qualified applicants with criminal histories, or arrest or conviction records, in a manner consistent with relevant legal requirements, including the City of Los Angeles' Fair Chance Initiative For Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, the San Francisco Fair Chance Ordinance, California Fair Chance Act, and the New York City Fair Chance Act, where applicable. The salary of the candidate selected for this role will be set based on a variety of factors, including but not limited to, internal equity, experience, education, specialty, location, and training. Any listed pay scale is not a guarantee of a particular wage.