Security Analyst (GRC)

At Machinify, we’re building a robust security program to protect our clients’ sensitive healthcare data and maintain the highest standards of information security. As part of the Security team, you will play a central role in managing our security assurance operations — helping ensure that customer requests, audit activities, and compliance processes run smoothly and efficiently.

This is an entry-level role suited for someone detail-oriented, hardworking, and intellectually curious. A background in cybersecurity is helpful but not required. We’ll consider candidates with experience in business operations, finance, accounting, or related fields who demonstrate strong organizational instincts and a commitment to doing things right.

• Own the intake process for security assurance requests: review incoming tickets, triage and prioritize work, assign tasks to the appropriate team members, and track requests to resolution
• Resolve routine and straightforward security inquiries and questionnaire items independently
• Communicate clearly with internal stakeholders and customers throughout the assurance process, setting expectations and providing status updates
• Respond to customer security questionnaires and audit requests with accuracy and timeliness, escalating complex items as appropriate
• Maintain the security documentation repository and ensure materials are current and accessible
• Support customer-facing security calls and presentations alongside senior team members

• Assist with HITRUST r2 and SOC 2 audit preparation and evidence collection
• Help coordinate audit activities across internal teams, tracking open items and deadlines
• Support access review processes and other recurring compliance activities
• Assist with security policy and procedure maintenance

• Track and report on security metrics and assurance request status
• Support vendor risk assessment activities
• Assist with security awareness efforts and documentation as needed
• Participate in security incident response when needed

• Bachelor’s degree in Information Security, Business, Operations, Finance, Accounting, or a related field, or equivalent work experience
• Strong attention to detail and follow-through — you catch things others miss and see tasks through to completion
• Excellent written and verbal communication skills, including comfort communicating with external clients
• Ability to manage multiple concurrent requests and prioritize effectively in a fast-paced environment
• Strong problem-solving orientation; you approach unfamiliar situations with curiosity and good judgment
• Proficiency with productivity and work-tracking tools (ticketing systems, spreadsheets, document management)

• 1–2 years of experience in operations, compliance, audit support, finance, or a related field
• Exposure to information security concepts, frameworks (NIST, HITRUST, SOC 2), or HIPAA compliance
• Experience in healthcare, healthcare technology, or working with regulated data environments
• Familiarity with GRC or security assurance workflows

What We Offer

• Work from anywhere in the US! Machinify is digital-first.
• Top Medical/Dental/Vision offerings
• FSA/HSA
• Tuition reimbursement
• Competitive salary, 401(k) with company match
• Additional health and wellness benefits and perks
• Flexible and trusting environment where you’ll feel empowered to do your best work

The salary for this position is based on an array of factors unique to each candidate: Such as years and depth of experience, set skills, certifications, etc.  We are hiring for different levels, and our Recruiting team will let you know if you qualify for a different role/range. 

Pay range: $70,000-$95,000