Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead compliance initiatives and audits to ensure Sword meets high security standards.
- Company: Join Sword Health, a pioneering tech company on a mission to eliminate pain globally.
- Benefits: Enjoy remote work, flexible hours, equity shares, and comprehensive health insurance.
- Why this job: Make a real impact in healthcare while working with a passionate and innovative team.
- Qualifications: 5+ years in Information Security with experience in SOC 2, ISO 27001, and compliance audits.
- Other info: Be part of a rapidly growing company valued at $2 billion, recognised as a top startup employer.
The predicted salary is between 36000 - 60000 ÂŁ per year.
Sword Health is on a mission to free two billion people from pain as the world’s first and only end-to-end platform to predict, prevent and treat pain.
Delivering a 62% reduction in pain and a 60% reduction in surgery intent, at Sword, we are using technology to save millions for our 2,500+ enterprise clients across three continents. Today, we hold the majority of industry patents, win 70% of competitive evaluations, and have raised more than $300 million from top venture firms like Founders Fund, Sapphire Ventures, General Catalyst, and Khosla Ventures.
Recognized as a Forbes Best Startup Employer in 2023, this award highlights our focus on being a destination for the best and brightest talent. Not only have we experienced unprecedented growth since our market debut in 2020, but we’ve also created a remarkable mission and value-driven environment that is loved by our growing team. With a recent valuation of $2 billion, we are in a phase of hyper growth and expansion, and we’re looking for individuals with passion, commitment, and energy to help us scale our impact.
Joining Sword Health means committing to a set of core values, chief amongst them to “do it for the patients” every day, and to always “deliver more than expected” on behalf of our members and clients.
This is an opportunity for you to make a significant difference on a massive scale as you work alongside 800+ (and growing!) talented colleagues, spanning two continents. Your charge? To help us build a pain-free world, powered by technology, enhanced by people — accessible to all.
Introduction:
As a GRC Analyst, you will play a pivotal role in ensuring Sword’s compliance with complex regulatory frameworks while driving innovation and efficiency in our Governance, Risk, and Compliance (GRC) programs. You will take ownership of key compliance initiatives, like SOC 2 and ISO 27001. This role functions independently to lead audits and improve risk management processes across the organization. This is an exciting opportunity to join a team where you’ll have a direct impact on safeguarding patient data, managing risk, and ensuring that Sword meets the highest security and compliance standards in the industry.
What you\’ll be doing:
- Leading the implementation and maintenance of key compliance frameworks such as SOC 2, ISO 27001, HITRUST, and PCI-DSS;
- Working closely with the Director of Risk and Compliance to continuously improve Sword’s GRC programs, driving initiatives to meet high compliance standards across Healthcare and AI;
- Taking full ownership of specific compliance certifications and audits, ensuring timely and effective execution;
- Mentoring and supporting junior team members, fostering a culture of continuous learning and improvement in the compliance function;
- Conducting comprehensive risk assessments, including third-party vendor risk management, and proposing strategies to mitigate identified risks;
- Spearheading internal and external audits for current and future compliance initiatives, ensuring accurate and efficient audit preparation and follow-up;
- Developing and enhancing processes related to security questionnaires, client security assessments, and compliance training at all organizational levels.
What you need to have:
- 5+ years of hands-on experience in Information Security certifications with proven success leading complex frameworks like SOC 2, ISO 27001, PCI-DSS, and HITRUST independently;
- Demonstrated experience in conducting and leading audits and maintaining compliance in highly regulated and complex environments such as Healthcare and AI;
- Excellent communication and leadership skills, with a demonstrated ability to mentor junior team members and communicate compliance requirements effectively to non-technical audiences;
- Strong analytical and problem-solving skills, with a proactive calculated approach to mitigating compliance risks;
- Self-starter approach with the ability to operate with minimal supervision.
We\’d Love to see:
- A strategic mindset with the ability to identify process improvements and drive compliance initiatives across multiple teams;
- Strong track record of implementing and/or improving Risk Management Programs, including third-party risk management;
- Experience with FedRAMP or similar government-focused compliance frameworks;
- Practical knowledge of security practices, including Penetration Testing, DevSecOps, or other hands-on security skills that can enhance compliance work;
- In-depth knowledge of relevant laws, regulations, and security standards, particularly in the healthcare sector;
- Previous experience in a healthcare startup;
- Demonstrated ability to balance long-term compliance strategy with short-term tactical needs.
US – Sword Benefits & Perks:
- Comprehensive health, dental and vision insurance*
- Equity shares*
- Discretionary PTO plan*
- Parental leave*
- 401(k)
- Flexible working hours
- Remote-first company
- Paid company holidays
- Free digital therapist for you and your family
*Eligibility: Full-time employees regularly working 25+ hours per week
Portugal – Sword Benefits & Perks:
- Health, dental and vision insurance
- Meal allowance
- Equity shares
- Remote work allowance
- Flexible working hours
- Work from home
- Unlimited vacation
- Snacks and beverages
- English class
- Unlimited access to Coursera Learning Platform
*US Applicants Only: Applicants must have a legal right to work in the United States, and immigration or work visa sponsorship will not be provided.*
SWORD Health, which includes SWORD Health, Inc. and Sword Health Professionals (consisting of Sword Health Care Providers, P.A., SWORD Health Care Providers of NJ, P.C., SWORD Health Care Physical Therapy Providers of CA, P.C.*) complies with applicable Federal and State civil rights laws and does not discriminate on the basis of Age, Ancestry, Color, Citizenship, Gender, Gender expression, Gender identity, Gender information, Marital status, Medical condition, National origin, Physical or mental disability, Pregnancy, Race, Religion, Caste, Sexual orientation, and Veteran status.
#J-18808-Ljbffr
Governance, Risk, and Compliance Analyst ( GRC, Remote) employer: Sword
Contact Detail:
Sword Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Governance, Risk, and Compliance Analyst ( GRC, Remote)
✨Tip Number 1
Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as SOC 2 and ISO 27001. Understanding these frameworks will not only help you during interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the Governance, Risk, and Compliance field, especially those who have experience in healthcare or AI sectors. Engaging with industry experts can provide valuable insights and potentially lead to referrals.
✨Tip Number 3
Prepare to discuss your previous experiences in leading audits and managing compliance initiatives. Be ready to share specific examples of how you've improved processes or mitigated risks in past roles.
✨Tip Number 4
Showcase your leadership skills by highlighting any mentoring or training experiences you've had. Sword Health values a culture of continuous learning, so demonstrating your ability to support junior team members will set you apart.
We think you need these skills to ace Governance, Risk, and Compliance Analyst ( GRC, Remote)
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Governance, Risk, and Compliance. Focus on your hands-on experience with frameworks like SOC 2 and ISO 27001, as well as any leadership roles you've held.
Craft a Compelling Cover Letter: In your cover letter, express your passion for Sword Health's mission to alleviate pain. Mention specific compliance initiatives you have led and how they align with the company's goals.
Showcase Your Skills: Emphasise your analytical and problem-solving skills in your application. Provide examples of how you've successfully mitigated compliance risks in previous roles, especially in regulated environments like healthcare.
Highlight Continuous Learning: Mention any ongoing education or certifications related to compliance and risk management. This shows your commitment to staying updated in the field and aligns with Sword's value of continuous improvement.
How to prepare for a job interview at Sword
✨Understand the Compliance Frameworks
Make sure you have a solid grasp of key compliance frameworks like SOC 2, ISO 27001, and HITRUST. Be prepared to discuss your experience with these frameworks and how you've implemented them in previous roles.
✨Showcase Your Analytical Skills
As a GRC Analyst, strong analytical skills are crucial. Be ready to provide examples of how you've conducted risk assessments and proposed strategies to mitigate risks in past positions.
✨Demonstrate Leadership and Mentoring Experience
Highlight any experience you have in mentoring junior team members or leading compliance initiatives. This role values leadership, so be prepared to discuss how you've fostered a culture of continuous learning.
✨Communicate Effectively
Since you'll need to communicate compliance requirements to non-technical audiences, practice explaining complex concepts in simple terms. This will show your ability to bridge the gap between technical and non-technical stakeholders.