Senior Security Compliance Analyst - Remote

Overview

At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care.

In Short

• Lead and support customer security audits and respond to security questionnaires.
• Prepare and manage ISO 27001 audits, including evidence collection.
• Ensure compliance with HIPAA, NIST CSF, and other regulatory requirements.
• Develop and maintain security policies and procedures.
• Perform gap analyses and risk assessments.
• Manage security governance frameworks.
• Conduct third-party vendor risk assessments.
• Monitor security controls for effectiveness.
• Stay current on relevant standards and translate them into actionable controls.
• Work closely with legal and IT teams to align compliance requirements.

Requirements

• 8+ years of experience in GRC, compliance, or IT audit.
• Experience leading ISO 27001 audits.
• Strong understanding of NIST CSF, SOC 2, and GDPR.
• Hands-on experience with customer security audits.
• Ability to perform risk assessments and policy reviews.
• Familiarity with GRC tools (e.g., OneTrust, LogicGate).
• Certifications like ISO 27001 Lead Auditor/Implementer preferred.

Benefits

• Opportunity to work in a mission-driven company.
• Collaborative work environment.
• Chance to improve patient care through technology.
• Diversity and inclusion valued.
• Professional development opportunities.