Now is the time to join us! 

Who are you?

We are looking for a motivated and eager-to-learn GRC Associate to join our Governance, Risk, and Compliance (GRC) team. This entry-level position is designed to provide foundational experience in GRC activities under the guidance of senior analysts and supervisors. The role focuses on assisting with policy management, compliance tasks, risk identification, and general support for the GRC function.

In this role you will wear many hats, but your knowledge will be essential in the following:  

• Support for Governance and Policy Management
• Assist in maintaining documentation related to policies, standards, and procedures.
• Help with policy distribution and ensuring policies are accessible to relevant stakeholders.
• Provide basic administrative support for governance-related tasks.
• Risk Management Assistance
• Participate in simple risk assessments by gathering data and documenting findings.
• Support the maintenance of the organization’s risk register and ensure updates are accurate.
• Track and document the status of risk mitigation efforts under supervision.
• Compliance Support
• Collect evidence for audits and compliance reviews as directed by senior analysts.
• Assist in tracking audit findings and documenting remediation efforts.
• Monitor compliance with policies and procedures through basic reviews and reporting.
• Training and Awareness Activities
• Assist in developing educational materials for compliance training and awareness.
• Provide administrative support for training sessions and awareness programs.
• Reporting and Documentation
• Prepare draft reports on GRC activities, including risk assessments, compliance status, and audit findings.
• Maintain accurate and organized records of GRC-related tasks and projects.

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

What you bring to the Personify Health Team:

In order to represent the best of what we have to offer you come to us with a multitude of positive attributes including:

• Currently pursuing or recently completed a Bachelor’s degree in Information Security, Business Administration, Computer Science, or a related field.
• Familiarity with regulatory standards (SOC 2, ISO 27001, HIPAA, GDPR) is a plus but not required.
• Previous internship or academic experience related to cybersecurity, risk management, or compliance is a plus.

You also take pride in offering the following Core Skills, Competencies, and Characteristics:

Strong attention to detail and willingness to learn.

• Basic understanding of GRC concepts and interest in pursuing a career in this field.
• Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint).
• Good communication skills and ability to work collaboratively with a team.
• Organizational skills with the ability to manage multiple tasks effectively.

No candidate will meet every single desired qualification. If your experience looks a little different from what we’ve identified and you think you can bring value to the role, we’d love to learn more about you!

Personify Health is an equal opportunity organization and is committed to diversity, inclusion, equity, and social justice.

We strive to cultivate a work environment where differences are celebrated, and employees of all backgrounds are empowered to thrive. Personify Health is committed to driving Diversity, Equity, Inclusion and Belonging (DEIB) for all stakeholders: employees (at each organization level), members, clients and the communities in which we operate. Diversity is core to who we are and critical to our work in health and wellbeing.