We are united in our mission to make a positive impact on healthcare. Join Us!
South Florida Business Journal, Best Places to Work 2024
Inc. 5000 Fastest-Growing Private Companies in America 2023
Company of the Year | 2023 BIG Innovation Awards
Fastest-Growing Company of the Year – Large (Bronze) | 2022 Best in Biz Awards
Who we are:
We Are Modernizing Medicine (WAMM)! We’re a team of bright, passionate, and positive problem-solvers on a mission to place doctors and patients at the center of care through an intelligent, specialty-specific cloud platform. Our vision is a world where the software we build increases medical practice success and improves patient outcomes. Founded in 2010 by Daniel Cane and Dr. Michael Sherling, we have grown to over 3400 combined direct and contingent team members serving eleven specialties, and we are just getting started! ModMed is based in Boca Raton, FL, with office locations in Santiago, Chile, Berlin, Germany, Hyderabad, India, and a robust remote workforce with team members across the US.
ModMed is hiring a driven Cyber GRC (Governance, Risk, and Compliance) Analyst who will be responsible for supporting the development and implementation of GRC strategies within ModMed. This role will ensure that ModMed adheres to regulatory requirements, industry standards, and best practices for cybersecurity. The ideal candidate will have a strong understanding of GRC frameworks, experience in risk assessment and management, and the ability to collaborate across various departments to enhance our security posture within a fast-paced Healthcare IT company that is truly Modernizing Medicine!
Your Role:
- Develop and maintain cybersecurity policies, procedures, and standards
- Ensure alignment of cybersecurity practices with business objectives and regulatory requirements
- Assist in the creation and management of the cybersecurity governance framework
- Conduct risk assessments on third-parties to identify and evaluate potential cybersecurity risks
- Develop and implement risk mitigation strategies and controls
- Monitor and report on risk management activities and the effectiveness of controls
- Ensure compliance with industry regulations and standards (e.g., HIPAA)
- Conduct regular audits and assessments to ensure adherence to compliance requirements
- Collaborate with internal and external auditors during compliance reviews and audits
- Develop and deliver cybersecurity awareness training materials
- Promote culture of cybersecurity awareness across the organization
- Monitor and report on the effectiveness of security awareness initiatives
- Prepare regular reports on GRC activities and metrics for senior security management
- Maintain comprehensive documentation of all GRC activities, policies, and procedures
- Ensure proper documentation of risk assessments, audit findings, and compliance activities
Skills & Requirements:
- Bachelor’s degree or equivalent education and experience
- Minimum of 3-5 years of experience in information security GRC, or related fields
- Experience with third-party risk management, enterprise security risk management, and security awareness
- Proficiency in risk assessment methodologies and tools
- Excellent problem-solving skills
- Strong communication and interpersonal skills
- Familiarity with healthcare industry regulations and standards is a plus
- Strong understanding of security frameworks and standards (e.g., NIST CSF, HITRUST)
- Experience with GRC tools and technologies
- CISSP Certification
- CISM Certification
ModMed Benefits Highlight:
At ModMed, we believe it’s important to offer a competitive benefits package designed to meet the diverse needs of our growing workforce. Eligible Modernizers can enroll in a wide range of benefits, including:
- Comprehensive medical, dental, and vision benefits, including a company Health Savings Account contribution,
- 401(k): ModMed provides a matching contribution each payday of 50% of your contribution deferred on up to 6% of your compensation. After one year of employment with ModMed, 100% of any matching contribution you receive is yours to keep.
- Generous Paid Time Off and Paid Parental Leave programs,
- Company paid Life and Disability benefits, Flexible Spending Account, and Employee Assistance Programs,
- Company-sponsored Business Resource & Special Interest Groups that provide engaged and supportive communities within ModMed,
- Professional development opportunities, including tuition reimbursement programs and unlimited access to LinkedIn Learning,
- Global presence and in-person collaboration opportunities; dog-friendly HQ (US), Hybrid office-based roles and remote availability for some roles,
- Weekly catered breakfast and lunch, treadmill workstations, Zen, and wellness rooms within our BRIC headquarters.