Senior GRC Security Analyst (remote)

Introduction

At Claritev, we pride ourselves on being a dynamic team of innovative professionals. Our purpose is simple - we strive to bend the cost curve in healthcare for all. Our dedication to service excellence extends to all our stakeholders – internal and external - driving us to consistently exceed expectations. We are intentionally bold, we foster innovation, we nurture accountability, we champion diversity, and empower each other to illuminate our collective potential.

Be part of our amazing transformational journey as we optimize the opportunity towards becoming a leading technology, data, and innovation voice in healthcare. Onward and Upward!!!

Job Summary

This role will support leadership in the non-TPRM aspects of Claritev’s GRC program, with emphasis on cyber risk management, risk intake and reporting, policy and exception management, audit and control assurance, security assessments, security awareness, and the security aspects of AI, data, and insider risk governance. Working closely with business units, IT stakeholders, and partner functions such as Privacy, Legal, Compliance, and AI Governance, this position will be responsible for executing and maturing core risk management processes, maintaining the security risk register, and improving visibility, accountability, and resilience across the program.

Job Roles and Responsibilities

• Serve as a trusted advisor and subject matter expert, providing cyber risk management and security governance support to IT and business stakeholders. Support the GRC leader in executing strategy and multi-year roadmaps to mature Claritev’s GRC function.
• Collaborate with security, IT, privacy, legal, compliance, and business stakeholders to develop standards and processes that protect the confidentiality, integrity, and availability of Claritev data.
• Own and mature core non-TPRM GRC workflows and tooling, including risk intake, risk register administration, treatment plan tracking, exception handling, and risk escalation processes.
• Drive ongoing efforts to identify, assess, treat, monitor, and report cybersecurity risks, and help build GRC capabilities such as enterprise cyber risk management, policy governance, audit support, and control assurance.
• Assist with audits and reviews of assigned business processes to evaluate the adequacy of controls, document findings, recommend improvements, and track remediation activities through closure.
• Build and maintain a cyber