Nevada Staffing
Senior Analyst, Information Security Governance, Risk, and Compliance (GrC)
Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care. By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare. What We're Looking For As a Senior Analyst within the Information Security Governance, Risk, and Compliance (GRC) organization, you will play a key role in supporting Datavant's audit, compliance, and assurance activities. You'll apply your deep understanding of IT controls, risk management, and compliance frameworks to help maintain and improve Datavant's control environment. This is a hands-on role suited for a self-starter who enjoys solving problems, collaborating cross-functionally, and ensuring compliance excellence in a fast-paced environment. What You Will Do Support strategic compliance initiatives Contribute to enterprise-level audits and assessments from kickoff through final deliverables and report delivery Perform technical control testing and validation for infrastructure, applications, and cloud services Coordinate walkthroughs, evidence collection, and remediation tracking with internal teams and external auditors Strengthen the control environment Support the maintenance and enhancement of Datavant's Unified Control Framework to align overlapping compliance frameworks Draft and update control narratives, test plans, and policy documentation in response to evolving regulatory and industry requirements Partner with control owners to validate control effectiveness and identify improvement opportunities Communicate and collaborate Act as a compliance subject matter expert, supporting internal stakeholders across engineering, product, legal, and operations Translate complex compliance requirements into clear, actionable technical and operational guidance Provide clear, concise documentation and summaries to support audit readiness and stakeholder understanding Enhance processes and automation Identify opportunities to automate and streamline evidence collection and control testing Collaborate with GRC team members to improve existing compliance workflows and leverage tooling for greater efficiency Participate in process reviews to strengthen consistency and accuracy across compliance activities Drive continuous improvement Draft control descriptions, SOC report narratives, and remediation plans Identify control gaps, assess risk, and lead remediation tracking through completion Stay current on emerging regulations, frameworks, and audit trends to ensure Datavant stays ahead of the curve What You Need to Succeed 4+ years of experience in IT audit, security compliance or risk management Hands-on, proven experience with security frameworks and regulations such as HIPAA, PCI-DSS, HITRUST, NIST 800-53, and/or FedRAMP Experience conducting technical control assessments and writing audit-ready documentation Excellent communication skillsyou can explain control requirements to engineers and translate technical speak for auditors Demonstrated ability to juggle competing priorities in a fast-moving environment Strong analytical, organizational, and project management capabilities Self-starter who is driven to build structure where needed Tool & Technology Stack We value familiarity with the following tools and platforms. While not all are required, exposure to these (or similar) technologies will help you succeed: GRC Platforms: TrustCloud or similar Ticketing Systems: Jira, Asana Collaboration Tools: Slack, Confluence Cloud Platforms: AWS (preferred), GCP, Azure Automation/Scripting: Familiarity with automation tools or scripting languages (e.g., Python, Bash) for control testing and workflow optimization is a plus Bonus points for: One or more industry-recognized certifications: CISA, CISSP, CISM, CCSP, etc. Experience in the healthcare industry or working with PHI and HIPAA compliance Familiarity with cloud-native security practices and cloud compliance tooling Datavant is committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated total cash compensation range for this role is: $136,000$170,000 USD. To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please request it here, by selecting the 'Interview Accommodation Request' category. You will need your requisition ID when submitting your request, you can find instructions for locating it here .
Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care. By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare. What We're Looking For As a Senior Analyst within the Information Security Governance, Risk, and Compliance (GRC) organization, you will play a key role in supporting Datavant's audit, compliance, and assurance activities. You'll apply your deep understanding of IT controls, risk management, and compliance frameworks to help maintain and improve Datavant's control environment. This is a hands-on role suited for a self-starter who enjoys solving problems, collaborating cross-functionally, and ensuring compliance excellence in a fast-paced environment. What You Will Do Support strategic compliance initiatives Contribute to enterprise-level audits and assessments from kickoff through final deliverables and report delivery Perform technical control testing and validation for infrastructure, applications, and cloud services Coordinate walkthroughs, evidence collection, and remediation tracking with internal teams and external auditors Strengthen the control environment Support the maintenance and enhancement of Datavant's Unified Control Framework to align overlapping compliance frameworks Draft and update control narratives, test plans, and policy documentation in response to evolving regulatory and industry requirements Partner with control owners to validate control effectiveness and identify improvement opportunities Communicate and collaborate Act as a compliance subject matter expert, supporting internal stakeholders across engineering, product, legal, and operations Translate complex compliance requirements into clear, actionable technical and operational guidance Provide clear, concise documentation and summaries to support audit readiness and stakeholder understanding Enhance processes and automation Identify opportunities to automate and streamline evidence collection and control testing Collaborate with GRC team members to improve existing compliance workflows and leverage tooling for greater efficiency Participate in process reviews to strengthen consistency and accuracy across compliance activities Drive continuous improvement Draft control descriptions, SOC report narratives, and remediation plans Identify control gaps, assess risk, and lead remediation tracking through completion Stay current on emerging regulations, frameworks, and audit trends to ensure Datavant stays ahead of the curve What You Need to Succeed 4+ years of experience in IT audit, security compliance or risk management Hands-on, proven experience with security frameworks and regulations such as HIPAA, PCI-DSS, HITRUST, NIST 800-53, and/or FedRAMP Experience conducting technical control assessments and writing audit-ready documentation Excellent communication skillsyou can explain control requirements to engineers and translate technical speak for auditors Demonstrated ability to juggle competing priorities in a fast-moving environment Strong analytical, organizational, and project management capabilities Self-starter who is driven to build structure where needed Tool & Technology Stack We value familiarity with the following tools and platforms. While not all are required, exposure to these (or similar) technologies will help you succeed: GRC Platforms: TrustCloud or similar Ticketing Systems: Jira, Asana Collaboration Tools: Slack, Confluence Cloud Platforms: AWS (preferred), GCP, Azure Automation/Scripting: Familiarity with automation tools or scripting languages (e.g., Python, Bash) for control testing and workflow optimization is a plus Bonus points for: One or more industry-recognized certifications: CISA, CISSP, CISM, CCSP, etc. Experience in the healthcare industry or working with PHI and HIPAA compliance Familiarity with cloud-native security practices and cloud compliance tooling Datavant is committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated total cash compensation range for this role is: $136,000$170,000 USD. To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please request it here, by selecting the 'Interview Accommodation Request' category. You will need your requisition ID when submitting your request, you can find instructions for locating it here .