Apply now »

Lead Security GRC Analyst

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.


Why Us?

  • Best In-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relation

Role Summary

The Cybersecurity Business Analyst & Technical Writer is responsible for documenting, analyzing, and standardizing cybersecurity business processes with a strong focus on Identity & Access Management (IAM), governance workflows, exception management, and cybersecurity policies. The role partners with Cybersecurity Engineering, IAM, GRC, Risk, Compliance, Legal, and IT teams to translate complex technical and operational practices into clear, accurate, and audit-ready documentation.

Cybersecurity Business Process Documentation (IAM & GRC)

  • Document current-state (as-is) and future-state (to-be) IAM and cybersecurity business processes.
  • Capture IAM Joiner–Mover–Leaver (JML), access request, approval, provisioning, and de-provisioning workflows.
  • Document privileged access, service account, and identity governance processes.
  • Develop process narratives, swim-lane diagrams, and workflow documentation.
  • Identify gaps, inefficiencies, and improvement opportunities in existing processes.

Governance & Exception Management Documentation

  • Document cybersecurity governance models, decision forums, and approval workflows.
  • Capture end-to-end security exception and risk acceptance processes.
  • Document exception intake, assessment, approval, tracking, renewal, and closure workflows.
  • Ensure traceability between policies, standards, controls, and approved exceptions.

Cybersecurity Policy, Standards & Procedure Writing

  • Author, review, and maintain cybersecurity policies, standards, procedures, and guidelines.
  • Translate regulatory and framework requirements into clear, business-friendly documentation.
  • Ensure documentation accuracy while maintaining technical correctness.
  • Support policy lifecycle management including periodic reviews and updates.

Stakeholder Engagement & Requirements Analysis

  • Engage with Cybersecurity, IT, Risk, Compliance, and business stakeholders to gather requirements.
  • Facilitate workshops and working sessions to validate documented processes.
  • Ensure documentation reflects approved governance decisions and real-world operations.

Audit, Compliance & Knowledge Management Support

  • Ensure documentation is audit-ready and supports regulatory and compliance requirements.
  • Support internal and external audits by providing process and policy documentation.
  • Maintain centralized documentation repositories and version control.
  • Define documentation standards, templates, and naming conventions.

Required Skills & Experience

  • 5–8 years of experience as a Cybersecurity Business Analyst, Technical Writer, or GRC/IAM documentation specialist.
  • Strong experience documenting IAM processes, governance workflows, and cybersecurity operating models.
  • Excellent written communication and documentation skills.
  • Strong understanding of cybersecurity concepts such as access control, least privilege, and risk acceptance.
  • Experience working closely with cybersecurity and IT teams.

Preferred Qualifications

  • Experience in healthcare or other highly regulated industries.
  • Familiarity with NIST CSF, ISO 27001, CIS Controls, or HIPAA (documentation context).
  • Exposure to IAM platforms such as SailPoint, Entra ID, Active Directory, or PAM tools.
  • Experience with documentation and diagramming tools such as Confluence, SharePoint, Visio, or Lucidchart.

Behavioral & Professional Competencies

  • Exceptional attention to detail and documentation discipline.
  • Strong analytical and process-oriented mindset.
  • Ability to translate complex technical content into clear, structured language.
  • Strong collaboration and facilitation skills.

Providence’s vision to create ‘Health for a Better World’ aids us to provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full time, and to promote individuality and diversity of thought and background, and acknowledge its role in the organization’s success. This makes us committed towards equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law. In furtherance to our mission in building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline also, read our Code of Conduct.

Apply now »