Security Risk and Compliance Analyst (Security Assurance)

The Rawlings Group
Full time
75,000 - 105,000 USD / year
Accounting and Finance
United States
Hiring from: United States
Description

Who We Are

Machinify is a leading healthcare intelligence company with expertise across the payment continuum, delivering unmatched value, transparency, and efficiency to health plan clients across the country. Deployed by over 60 health plans, including many of the top 20, and representing more than 160 million lives, Machinify brings together a fully configurable and content-rich, AI-powered platform along with best-in-class expertise. We’re constantly reimagining what’s possible in our industry, creating disruptively simple, powerfully clear ways to maximize financial outcomes and drive down healthcare costs.

Location:

This role is fully remote

About The Opportunity

At Machinify, we're building a robust security program to protect our clients' sensitive healthcare data and maintain the highest standards of information security. As part of the Security team, you will serve as a primary point of contact for customer risk assurance, helping our healthcare insurance clients understand and validate our security posture. This customer-facing role is essential to building trust with our clients and supporting our business objectives through exceptional security service delivery.

As a Security Risk and Compliance Analyst, you will be primarily responsible for managing customer security assurance processes, including responding to security questionnaires, audit requests, and third-party risk assessments from our healthcare payer clients. You'll work closely with cross-functional teams to ensure we consistently demonstrate our commitment to protecting sensitive healthcare data while supporting our sales and customer success teams with security expertise.

What You'll Do

Primary Responsibilities - Customer Risk Assurance (70% of role):

  • Serve as the primary point of contact for customer security assurance requests and inquiries
  • Respond to customer security questionnaires, audit requests, and compliance documentation requests with accuracy and timeliness
  • Support customer-facing security presentations and calls to address client security concerns
  • Collaborate with sales and customer success teams to provide security assurance during the sales process and ongoing client relationships
  • Manage customer security assessment processes and coordinate responses across internal teams
  • Maintain customer security documentation repository and ensure information is current and accessible

Supporting Security Program Responsibilities (30% of role):

  • Conduct third-party risk assessments to evaluate the security posture of vendors and partners
  • Create, review, and maintain security policies and procedures to align with industry best practices
  • Support audit and compliance activities for SOC2 and HITRUST certifications
  • Facilitate governance processes, including communication with company leadership
  • Coordinate and execute periodic access reviews across systems and applications
  • Track and report on security metrics and compliance status to leadership
  • Support risk assessment activities and remediation tracking
  • Develop and deliver security awareness training programs for employees
  • Assist with security documentation for regulatory requirements
  • Participate in security incident response when needed

Qualifications

What experience you bring (Role Requirements):

Essential Qualifications

  • Bachelor's degree in Information Security, Compliance, Risk Management, Accounting/Finance, or related field, or equivalent work experience
  • 3+ years of experience in information security, governance, risk, and compliance (GRC)
  • Strong customer service orientation with experience managing client-facing security processes
  • Demonstrated experience responding to customer security questionnaires and audit requests
  • Strong understanding of security frameworks such as NIST, ISO 27001, HITRUST, and SOC2
  • Experience with healthcare compliance requirements (HIPAA)
  • Knowledge of third-party risk management processes and vendor security assessments

Preferred Qualifications

  • Security certification preferred (CISSP, CISM, CISA, or similar)
  • Experience in healthcare technology or working with healthcare payers/insurance companies
  • Familiarity with security policies and procedures development
  • Strong analytical and documentation skills
  • Excellent written and verbal communication abilities for customer interactions and cross-functional collaboration

Expectations

  • Deliver exceptional customer service while maintaining security standards and building client trust
  • Respond to customer security inquiries promptly and accurately
  • Maintain security best practices and contribute to continuous improvement of security controls
  • Collaborate effectively with sales, customer success, and internal security teams
  • Manage multiple customer requests and priorities in a fast-paced environment
  • Stay current with evolving security and compliance requirements in the healthcare industry

Success Criteria For The First 3 Months

Understanding the Role

  • Develop strong knowledge of Machinify's security policies, compliance requirements, and customer assurance processes
  • Understand business objectives, customer base, and regulatory landscape for healthcare payment integrity
  • Learn customer security questionnaire templates and response processes

Building Relationships

  • Establish effective communication with sales and customer success teams
  • Build collaborative relationships with IT, development, compliance, and business teams
  • Actively participate in customer calls and security meetings
  • Begin managing customer security requests with guidance

Time and Priorities Management

  • Learn to effectively prioritize and triage customer security requests
  • Successfully complete assigned customer documentation projects with minimal guidance
  • Develop efficient workflows for routine customer assurance tasks

Feedback and Growth

  • Incorporate feedback from team leads and customer-facing teams to improve service delivery
  • Demonstrate willingness to learn customer-specific requirements and industry standards

Confidence and Comfort

  • Gain confidence in handling customer security questionnaires and audit requests independently
  • Become comfortable with compliance tools and customer communication processes

Success Criteria For The First Year

Mastery Of Responsibilities

  • Demonstrate expertise in customer security assurance and become the go-to resource for client security questions
  • Consistently deliver high-quality, timely responses to customer security inquiries
  • Contribute to improving customer experience and satisfaction through excellent security service

Building a Strong Network

  • Establish yourself as a trusted security advisor to our customers and internal stakeholders
  • Effectively collaborate across departments to address customer security concerns
  • Build strong relationships with key customer contacts

Greater Responsibility

  • Take ownership of customer security assurance program and processes
  • Lead customer security presentations and complex audit processes
  • Contribute to security policy decisions based on customer feedback and requirements

Career Progression and Development

  • Obtain relevant security or compliance certifications
  • Share knowledge and mentor other team members on customer assurance best practices
  • Contribute to sales enablement through security expertise and customer insights

Recognition and Trust

  • Become a reliable resource for customer security guidance and a key contributor to customer retention
  • Demonstrate leadership in customer-facing initiatives and security program improvements
  • Receive positive feedback from customers on security service delivery

Pay range: $75,000 - $105,000

This is an exempt position. For Salary positions only: The salary range is for Base Salary. Compensation will be determined based on several factors including, but not limited to, skill set, years of experience, and the employee's geographic location.

What's In It For You

  • PTO, Paid Holidays, and Volunteer Days
  • Eligibility for health, vision and dental coverage, 401(k) plan participation with company match, and flexible spending accounts
  • Tuition Reimbursement
  • Eligibility for company-paid benefits including life insurance, short-term disability, and parental leave
  • Remote and hybrid work options
  • Support for security certifications and professional development

At Machinify, we’re reimagining a simpler way forward. This begins with our employees. We are innovators who value integrity, teamwork, accuracy, and flexibility. We do the right thing, and we listen to the needs of our clients and their members. As tenured experts with unmatched experience, we champion diverse perspectives that help us to better understand and serve our clients.

Our values come to life through our culture. We embrace flexible working arrangements that allow our employees to bring innovation to life in the way that best suits their productivity. We work cross-functionally, abandoning silos, to bring innovative, accurate solutions to market. We invest in each other through ongoing education and team celebrations, and we give back to our communities through dedicating days for volunteering. Together, Machinify is making healthcare work better for everyone, and we’re passionate about a future with better outcomes for all.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace. Machinify is an employment at will employer.
