Lead Security GRC Analyst

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.


Why Us?

  • Best-in-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relationship

Job Description – Lead Cybersecurity Compliance Management Analyst

Role Summary

The Lead Cybersecurity Compliance Management Analyst supports the execution and ongoing operation of the organization’s cybersecurity compliance program. This role is responsible for performing compliance assessments, control testing, evidence management, audit support, and remediation tracking across cybersecurity domains. The analyst partners closely with Cyber Engineering, GRC, Risk Management, Internal Audit, Privacy, and IT teams to maintain audit readiness and regulatory compliance.

Cybersecurity Compliance Execution

  • Execute cybersecurity compliance activities aligned to frameworks such as HIPAA, NIST CSF, NIST 800-53, ISO 27001, CIS Benchmarks, PCI-DSS, and SOX.
  • Support periodic compliance assessments across applications, infrastructure, cloud, and security platforms.
  • Interpret regulatory and security requirements and map them to applicable controls.
  • Maintain compliance trackers and posture dashboards.

Control Assurance & Testing

  • Support control documentation, walkthroughs, testing, and evidence validation.
  • Perform control effectiveness testing and maturity assessments.
  • Identify control gaps and support remediation planning.
  • Track remediation progress and validate closure.

Policy, Standards & Governance Support

  • Support maintenance and periodic review of cybersecurity policies and standards.
  • Ensure alignment with regulatory requirements and industry frameworks.
  • Support compliance governance forums and exception tracking.
  • Maintain control libraries and documentation repositories.

Audit & Regulatory Support

  • Support internal and external audits and regulatory examinations.
  • Collect, validate, and manage audit evidence.
  • Track audit findings, management action plans, and closure status.
  • Coordinate with stakeholders for timely audit responses.

Reporting & Continuous Improvement

  • Maintain compliance metrics, dashboards, and status reporting.
  • Analyze trends in findings and recurring issues.
  • Support process improvement and automation initiatives.
  • Leverage GRC tools such as ServiceNow GRC.

Required Skills & Experience

  • 6 to 9 years of experience in cybersecurity compliance, GRC, risk management, or audit support roles.
  • Working knowledge of frameworks such as HIPAA, NIST, ISO, PCI, and CIS.
  • Experience with compliance assessments, audits, and control testing.
  • Familiarity with GRC tools (ServiceNow GRC preferred).
  • Strong analytical and documentation skills.

Preferred Qualifications

  • Experience in healthcare or other regulated industries.
  • Exposure to policy lifecycle management and control frameworks.
  • Certifications or progress toward CISA, CRISC, CISM, CISSP, or ISO 27001.

Behavioral & Professional Competencies

  • Strong attention to detail and audit discipline.
  • Ability to translate regulatory requirements into actionable controls.
  • Strong written and verbal communication skills.
  • Collaborative and continuous improvement mindset.

Providence’s vision to create ‘Health for a Better World’ helps us provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full-time, and to promote individuality and diversity of thought and background, and to acknowledge its role in the organization’s success. This makes us committed to equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy or related needs, mental or sensory disability, HIV status, or any other category protected by applicable law. In furtherance of our mission to build a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGBTQ+ (Lesbian, Gay, Bisexual, Transgender or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline. Also, read our Code of Conduct.