Jobs
>
San Francisco

    Third Party Risk Analyst - San Francisco, United States - One Medical

    One Medical
    One Medical San Francisco, United States

    4 days ago

    Default job background
    Description

    Job Description

    Job Description

    About Us

    One Medical is a primary care solution challenging the industry status quo by making quality care more affordable, accessible and enjoyable. But this isn't your average doctor's office. We're on a mission to transform healthcare, which means improving the experience for everyone involved - from patients and providers to employers and health networks. Our seamless in-office and 24/7 virtual care services, on-site labs, and programs for preventive care, chronic care management, common illnesses and mental health concerns have been delighting people for the past fifteen years.

    In February 2023 we marked a milestone when One Medical joined Amazon. Together, we look to deliver exceptional health care to more consumers, employers, care team members, and health networks to achieve better health outcomes. As we continue to grow and seek to impact more lives, we're building a diverse, driven and empathetic team, while working hard to cultivate an environment where everyone can thrive.

    The Opportunity

    As a Third Party Risk Analyst at One Medical, your primary focus will be assessing vendors and partners on our third party security risk management team and working as a trusted business advisor on risk and security. This is an evolving opportunity in technology compliance (GRC), with many interesting challenges ahead. The team is growing with opportunities for ownership, autonomy, innovation, and growth. You will work directly with builders and leadership across One Medical Security, IT, Product, and cross-functional partners from One Medical and Amazon Health Services (AHS) businesses and Security, as well as subject matter experts in Legal and Privacy to improve our security and compliance posture. While driven by regulations and industry standards in technology governance, we are business advisors, helping the organization by ensuring the security and privacy of our member's, provider's and employee's information.

    What you'll work on:

    Primary Focus Areas:

    • Serve as a business liaison and advisor during the third party onboarding and reassessment process
    • Execute risk-based assessments of third parties' technology processes and control areas in a timely manner
    • Help determine the security posture and program maturity of our critical third parties
    • Work with business owners and third parties to identify and implement security improvements
    • Participate in maintaining and updating the master third party data inventory
    • Participate in improving One Medical's Third Party Risk Program

    Secondary Focus Areas:

    • Design, implement, and validate compensating controls, collaborating with security, privacy, IT, and engineering teams.
    • Engage in audit readiness activities for various frameworks as they relate to the third party environment (SOC2, PCI, HIPAA, HITRUST, CCPA/CPRA etc).
    • Partner with the business as a trusted third party risk and security compliance advisor, providing timely and effective guidance to departments on requirements.

    You'll be set up for success if you have:

    • 2+ years performing Vendor Assessments
    • 3+ years experience in technical compliance, security and/or technology/IT audit (internal, or external); or 4+ years of experience at a Big 4 in a similar role
    • Experience reading and interpreting external audit / assessment reports (HITRUST, PCI, SOC2, etc)
    • Identified, assessed, and advised on compliance risks and controls to a variety of stakeholders and customers
    • General knowledge in some combination of Network Security, Vulnerability & Patch Management, Secure Development and Third Party Risk Lifecycle Management
    • Experience with at least one of the following: HIPAA, PCI, SOC, HITRUST
    • Ability to lead through influence and communication

    Nice to haves:

    • Experience in product development or security engineering
    • Experience at an audit firm
    • Extensive hands on experience with two or more of the following: HIPAA, PCI, SOC, HITRUST, ISO, FedRAMP, CCPA, SOX
    • Certifications such as: CISA, CISM, CISSP, CRISC, CIPP

    Benefits designed to aid your health and wellness:

    Taking care of you today

    • Paid sabbatical after 5 and 10 years
    • Employee Assistance Program - Free confidential advice for team members who need help with stress, anxiety, financial planning, and legal issues
    • Competitive Medical, Dental and Vision plans
    • Free One Medical memberships for yourself, your friends and family
    • Pre-Tax commuter benefits
    • PTO cash outs - Option to cash out up to 40 accrued hours per year

    Protecting your future for you and your family

    • 401K match
    • Opportunity to participate in company equity programs
    • Credit towards emergency childcare
    • Company paid maternity and paternity leave
    • Paid Life Insurance - One Medical pays 100% of the cost of Basic Life Insurance
    • Disability insurance - One Medical pays 100% of the cost of Short Term and Long Term Disability Insurance

    This is a full-time remote role based in the United States. One Medical is committed to fair and equitable compensation practices. The base salary range for this role is $90,400 to $161,000 Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. The total compensation package for this position may also include RSUs, benefits and/or other applicable incentive compensation plans. For more information, visit

    #LI-DNI

    One Medical is an equal opportunity employer, and we encourage qualified applicants of every background, ability, and life experience to contact us about appropriate employment opportunities.

    One Medical participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. Please refer to the E-Verification Poster (English/Spanish) and Right to Work Poster (English/Spanish) for additional information.

  • Insight Global

    Risk Analyst

    2 weeks ago

    Insight Global San Francisco, United States

    Insight Global is searching for a Risk Analyst to join a top client in the Container Leasing and Logistics industry on a temporary basis. As a Risk Analyst, you would play a crucial role in assessing and managing potential risks within the financial sector. Your analytical skills ...

  • AtoB

    Risk Analyst

    1 week ago

    AtoB San Francisco, United States

    [Full Time] Risk Analyst at AtoB (United States) | BEAMSTART Jobs · Risk Analyst · AtoB United States · Date Posted · 25 Jun, 2022 · Work Location · San Francisco, United States · Salary Offered · Not Specified · Job Type · Full Time · Experience Required · No experience requir ...

  • Vouch

    Operational Risk Analyst

    1 week ago

    Vouch San Francisco, United States

    [Full Time] Operational Risk Analyst at Vouch (United States) | BEAMSTART Jobs · Operational Risk Analyst · Vouch United States · Date Posted · 15 Feb, 2023 · Work Location · San Francisco, United States · Salary Offered · $90000 — $105000 yearly · Job Type · Full Time · Experi ...

  • Clicklease

    Credit Risk Analyst

    1 week ago

    Clicklease West Valley City, United States

    Job Description · Job DescriptionAt Clicklease, we're on a unique mission – to empower the small business owners often overlooked by traditional lenders. If you're considering joining our team, envision yourself at the heart of our vibrant headquarters in West Valley City, UT, or ...

  • eXcell

    Risk technical analyst

    2 days ago

    eXcell San Francisco, CA, United States

    As part of a leading IT managed services specialist with more than 12,000 associates worldwide, we rely on the personal relationships we build with our consultants and the clients who depend on them. Our client is currently seeking a qualified Technical Risk Analyst to join their ...

  • Checkr

    Senior Risk Analyst

    14 hours ago

    Checkr San Francisco, United States

    About Checkr · Checkr builds people infrastructure for the future of work. And we believe everyone should have a fair chance to work. That's why we've designed a faster—and fairer—way to screen job seekers. Established in 2014 and valued at $5B, Checkr puts modern technology powe ...

  • Clicklease

    Credit Risk Analyst

    1 week ago

    Clicklease West Valley City, United States

    Job Description · Job DescriptionAt Clicklease, we're on a unique mission – to empower the small business owners often overlooked by traditional lenders. If you're considering joining our team, envision yourself at the heart of our vibrant headquarters in West Valley City, UT, or ...

  • eXcell

    Technical Risk Analyst

    4 days ago

    eXcell San Francisco, United States

    As part of a leading IT managed services specialist with more than 12,000 associates worldwide, we rely on the personal relationships we build with our consultants and the clients who depend on them. Join the · eXcell team. · Our client is currently seeking a qualified Technical ...

  • Integrated Pain Management Medical Group, Inc.

    Risk and Safety Analyst

    1 week ago

    Integrated Pain Management Medical Group, Inc. Walnut Creek, United States

    **Position Overview**: · - This role proactively identifies potential clinical risks and safety issues that could impact patients, caregivers, stakeholders, and medical staff. Through analysis of clinical risk management data, the position contributes to performance improvement i ...

  • Uber

    Senior Risk Analyst

    1 week ago

    Uber San Francisco, United States Full time

    About the Role · We're disrupting the transportation space, reinventing insurance protection, and growing in the U.S. and worldwide Insurance is a uniquely strategic function at Uber and this is a very different role than traditional corporate risk manager roles. You get to work ...

  • City and County of San Francisco

    Cybersecurity Risk Assessment Analyst

    1 week ago

    City and County of San Francisco San Francisco, United States

    Announcement is reopening to accept additional applications. Applicants that have already applied, do not need to reapply. This position is open until filled. · IMPORTANT: Your application MUST include responses to the supplemental questionnaire found here: · Applicants must com ...

  • City and County of San Francisco

    Cybersecurity Risk Assessment Analyst

    5 days ago

    City and County of San Francisco San Francisco, United States

    Company Description · Announcement is reopening to accept additional applications. Applicants that have already applied, do not need to reapply. This position is open until filled. · IMPORTANT: Your application MUST include responses to the supplemental questionnaire found here ...

  • City and County of San Francisco

    Cybersecurity Risk Assessment Analyst

    5 days ago

    City and County of San Francisco San Francisco, United States

    Job Description · Job DescriptionCompany Description · Announcement is reopening to accept additional applications. Applicants that have already applied, do not need to reapply. This position is open until filled. · IMPORTANT: Your application MUST include responses to the supple ...

  • Notion, LLC

    Sr. Principal Risk Analyst

    1 week ago

    Notion, LLC San Francisco, United States

    About Us: · We're on a mission to make it possible for every person, team, and company to be able to tailor their software to solve any problem and take on any challenge. Computers may be our most powerful tools, but most of us can't build or modify the software we use on them e ...

  • Upgrade, Inc.

    Sr. Analyst, Credit Card Risk

    2 days ago

    Upgrade, Inc. San Francisco, United States

    Upgrade is a fintech unicorn founded in 2017. We are the fastest-growing company in the Americas (Financial Times). In the last five years, over 15 million people have applied for an Upgrade card or loan, and we have delivered over $10 billion in affordable and responsible credit ...

  • Fiserv

    Risk Analyst

    10 hours ago

    Fiserv Berkeley, United States

    You deserve to do what you love, and love what you do – a career that works as hard for you as you do. At Fiserv, we are more than 40,000 #FiservProud innovators delivering superior value for our clients through leading technology, targeted innovation and excellence in everything ...

  • City and County of San Francisco

    Cybersecurity Risk Assessment Analyst Department of Technology 1052

    7 hours ago

    City and County of San Francisco San Francisco, United States Full time

    Job Description · The Office of Cybersecurity was established in 2022 by the Board of Supervisors at the best of Mayor London Breed as a Citywide Office located within the Department of Technology. We create citywide policies, act as a front line against cyber attacks, and help o ...

  • Info Way Solutions

    Risk Analyst

    1 week ago

    Info Way Solutions Fremont, United States

    Hi , · Hope you are doing well, · My name is Sagar ; I am a Technical Recruiter with Info Way Solutions LLC. · I have a requirements of below position, share me the resume of your consultants accordingly. · Role:- Sr. Back End Java Developer · Experience : Total 5+ Year of e ...

  • State Teachers' Retirement System

    Associate Portfolio Manager

    2 days ago

    State Teachers' Retirement System San Francisco County, CA, United States

    **This position is eligible for incentive compensation and has a maximum incentive opportunity of 50% of base salary.** · To help bolster its co-investment activity, the Private Equity team seeks to recruit an Associate Portfolio Manager to support the Portfolio Managers of Direc ...

  • Control Risks

    Intelligence Analyst

    1 week ago

    Control Risks San Francisco, United States

    Control Risks specializes in supporting clients with rapidly-growing global operations. We enable clients to succeed in the most complex and even hostile environments, securing staff, information, and other assets in locations across the US and globally. · Our team is looking to ...