[Hiring] GRC Analyst @AP MAX INC

Role Description

The GRC Analyst will lead and operationalize the organization’s SOC 2 compliance program while supporting broader governance, risk, and compliance initiatives. This role is responsible for building policies, managing compliance frameworks, and ensuring audit readiness across the organization. The ideal candidate is hands-on, detail-oriented, and capable of driving cross-functional alignment across technical and business teams.

Key Responsibilities

• Lead SOC 2 Type 1 gap assessment and readiness initiatives
• Develop and maintain information security policies and procedures
• Manage compliance platform and control evidence collection
• Execute HIPAA compliance initiatives and maintain documentation
• Maintain risk register and conduct regular risk assessments
• Manage vendor security reviews and assessments
• Partner with engineering teams to align technical controls with compliance requirements
• Serve as primary point of contact for external auditors

Qualifications

• Minimum 4+ years of experience in GRC, compliance, or information security
• Hands-on experience with SOC 2 frameworks
• Knowledge of HIPAA security requirements
• Experience with compliance platforms such as Drata or similar
• Strong policy writing and documentation skills
• Ability to manage cross-functional stakeholders

Preferred Requirement

• CISA, CISM, or CRISC certification
• Experience in regulated or healthcare environments
• Exposure to ISO 27001 or NIST frameworks
• Experience managing external audits

Benefits

• Full benefits package including medical, vision, dental, 401(k) with company match, PTO, Flex days, holidays, and more
• Working in Madeira in a shared office space, remote in Portugal, or remote in a Portuguese timezone-friendly location
• Opportunity to build and own compliance programs from the ground up
• High-impact role supporting company-wide security and regulatory initiatives
• Benefits package designed to meet local market standards and legal requirements

Equal Opportunity Employer Statement

Allia Health Group is proud to be an Equal Opportunity Employer where we are committed to fostering a diverse and inclusive workplace. We are committed to cultivating a culture where all team members feel valued & respected. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, sexual orientation, national origin, genetic information, disability, age, veteran status, or any other characteristics protected by applicable law.

If you have any questions or require immediate assistance or accommodations during the application or interview process, please contact us at [email protected] .