GRC Analyst - Remote

Posted 2 days ago

All others

Full Time

USA

Vulnerability Management

Endpoint Security

Secure Software Development

GRC

Incident Response

Autonomous Work

Overview

As a GRC Analyst at Truemed, you will be responsible for leading SOC2 Type II compliance and shaping the security framework at a fast-growing startup focused on payments processing for health and wellness enterprises.

In Short

Lead SOC2 Type II Compliance – Own the end-to-end process, including risk assessments, audits, and evidence collection.
Governance, Risk, and Compliance (GRC) – Respond to customer security questionnaires and build scalable processes to streamline responses.
Security Tooling & Implementation – Drive adoption of MDMs, virus scanners, and vulnerability management across our full stack.
Incident Response & Risk Mitigation – Develop security monitoring, respond to incidents, and proactively harden our systems before issues arise.
Cross-Team Collaboration – Work directly with engineering, sales, and customer success teams.
Support Security in IT - Manage and enforce that company owned devices are provisioned and secure.

Requirements

5+ years of experience in security engineering, compliance, or security operations.
Hands-on experience with SOC2 Type II audits.
Strong background in vulnerability management, endpoint security, and secure software development practices.
Familiarity with MDMs, antivirus tools, SIEMs, and web security best practices.
Experience working with GRC teams and responding to enterprise security questionnaires.
Ability to work autonomously and drive initiatives without excessive oversight.
Scrappy attitude and a willingness to do the dirty work to make a successful startup.
Bonus: Experience in payments, fintech, or healthcare security.

Benefits

Get in on the ground floor – Build security at a company that prioritizes it from day one.
High autonomy – Own security initiatives and define how security is done at scale.
Growth opportunities – Be the first dedicated security hire with the potential to grow into a leadership role.
Work on impactful problems – Protect sensitive payment and health data while helping close high-value enterprise deals.
Remote-friendly – Work from anywhere in the US while collaborating with top-tier engineers.

Truemed

Truemed is a mission-driven company focused on transforming healthcare by enabling patients to use their HSA and FSA funds for preventive health measures, such as healthy food, exercise, and supplements. With a goal to redirect over $150 billion in HSA/FSA accounts towards true medicine, Truemed aims to incentivize healthier lifestyle choices and combat the rising chronic illness crisis in the U.S. Founded by experienced entrepreneurs Justin Mares and Calley Means, the company is dedicated to making healthy choices more accessible and affordable, ultimately improving health outcomes for millions of Americans. Truemed fosters an innovative and collaborative work environment, offering opportunities for professional growth and impactful work in the wellness sector.

Share This Job!

Save This Job!

Jobs from Truemed:

Account Executive

Sales

Client Relationships

Revenue Growth

Telehealth Clinicians (MD, NP, PA, DO)

Telehealth

Clinical Care

Functional Medicine

Senior Solutions Engineer