Sr. Security Compliance Analyst

Bamboo Health is the leader in Real-Time Care Intelligence solutions aimed at improving lives for everyone experiencing physical and behavioral health challenges. We are driven by our mission to empower clients to deliver seamless, high-quality and cost-effective care during pivotal moments to improve health outcomes. From coast to coast, Bamboo Health partners with all major retail pharmacy chains, 52 states and territories, 100% of the top 10 best hospitals and more than half of the country's largest health plans to improve more than 1 billion patient encounters annually. Join us in improving lives during pivotal care moments!

Summary:

Bamboo Health Security designs innovative security architectures across cloud services, identity management, virtualization, and third-party providers, ensuring compliance in complex regulatory environments. Our highly collaborative team is committed to growth and innovation.

We are seeking a Senior Security Compliance Analyst to monitor and enforce compliance, assess risks, and enhance security processes using AI and automation. This role bridges compliance and security operations, conducting system reviews, supporting audits, and assisting with security incidents. You'll collaborate with experienced security experts to strengthen compliance and risk management across the organization.

What You'll Do:

• Ensure compliance with internal and external policies, standards, and regulations.
• Enhance the compliance program using AI, automation, and process improvements.
• Support external audits and customer inquiries by providing necessary information.
• Leverage AI tools to streamline compliance request responses while applying professional judgment.
• Maintain and develop policy documentation, ensuring clarity and alignment across IT, Legal, HR, and Operations.
• Assist in internal compliance training and best practices initiatives.
• Align security operations with compliance requirements and support audits.
• Clearly communicate compliance status to internal and external stakeholders.
• Assist Security Operations with incident response and continuous improvement efforts.
• Participate in the on-call rotation to escalate and resolve security incidents.

What Success Looks Like...

In 3 months...

• Learn the current compliance landscape, tools, policies, procedures, and stakeholders in key internal departments.
• Develop an understanding of the specific regulatory frameworks that Bamboo Health adheres to.
• Understand and be able to describe the function of Bamboo Health's products and services.
• Participate in weekly on-call rotation, incident analysis, and escalation - aiding Security Operations as needed.

In 6 months...

• Understand Bamboo Health's current compliance status and begin to identify immediate compliance risks or gaps.
• Participating in risk and compliance assessment exercises with internal teams.
• Describe the organization layout in detail and identify key stakeholders.
• Be familiar with the required communication channels and participate in providing required metrics and feedback to internal and external stakeholders.

In 12 months...

• Make recommendations and provide feedback to improve the effectiveness of our internal compliance program.
• Actively helping to improve and streamline the methods, processes, and procedures used in measuring and adhering to compliance requirements.
• Lead the team's efforts in completing comprehensive security assessments executed by independent third-party assessment organizations and utilize the findings to improve compliance.
• Augment the team's efforts with internal educational initiatives and objectives.

What You Need:

• 5+ years of experience utilizing information security best practices, compliance frameworks, and security tooling and processes.
• Familiarity with security frameworks like ISO, NIST, HIPAA, CIS, HITRUST, and FedRAMP.
• Experience with testing and measuring security controls.
• Ability to provide technical and operational support on security compliance initiatives.
• Expertise in security auditing and evidence gathering for compliance purposes.
• Experience in security best practices and controls applied in cloud-centric environments (AWS/Azure/GCP).
• Excellent written and verbal communication skills, with ability to build and communicate business rationale.
• Strong ability to learn quickly and work independently while being part of a team.
• Ability to build effective, sustainable working relationships internally, with customers, and external stakeholders.
• Working knowledge of incident response best practices and programs would be beneficial.
• Strong analytical and problem-solving skills, with a high level of judgment and creativity in designing innovative solutions.
• Demonstrated ability to thrive in fast-paced, high-growth, and rapidly evolving environments.
• Ability to work effectively in a remote-first environment, ensuring high-quality virtual interactions with minimal distractions.

What You Get:

• Join one of the most innovative healthcare technology companies in the country.
• Have the autonomy to build something with an enthusiastically supportive team.
• Learn from working at the highest levels and on the most strategic priorities of the company, including from world class investors and advisors.
• Receive competitive compensation including health, dental, vision and other benefits.

Belonging at Bamboo

We Care. #BambooHealthValuesCare

Every human being has the right to the best possible healthcare. Our Real-Time Care IntelligenceTM solutions enable healthcare professionals to see and treat every individual as a whole person by providing the right information, at the right time - regardless of physical, behavioral or social barriers.

We're a great place to work because we care. We continually seek to learn about our differences and ensure the unique perspectives and contributions of all employees are welcome, valued and celebrated.

Our commitment to making a positive impact starts by recognizing and leveraging our differences, building inclusive teams and cultivating a sense of belonging.

Bamboo Health is proud to provide equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

To protect our applicants from fraudulent recruitment activity, we recommend that all applicants verify the validity of an interview and hiring process by visiting our website www.bamboohealth.com. All valid job postings will be listed on our careers page. Bamboo Health does not conduct interviews via text and will not request sensitive information such as banking details during the application process.