GRC Security Analyst

Category

Information Systems and Technology

Position Type

Full-Time

At Curana Health, we’re on a mission to radically improve the health, happiness, and dignity of older adults—and we’re looking for passionate people to help us do it.

As a national leader in value-based care, we offer senior living communities and skilled nursing facilities a wide range of solutions (including on-site primary care services, Accountable Care Organizations, and Medicare Advantage Special Needs Plans) proven to enhance health outcomes, streamline operations, and create new financial opportunities.

Founded in 2021, we’ve grown quickly—now serving 200,000+ seniors in 1,500+ communities across 32 states. Our team includes more than 1,000 clinicians alongside care coordinators, analysts, operators, and professionals from all backgrounds, all working together to deliver high-quality, proactive solutions for senior living operators and those they care for.

If you’re looking to make a meaningful impact on the senior healthcare landscape, you’re in the right place—and we look forward to working with you.

For more information about our company, visit CuranaHealth.com.

Curana Health is seeking a detail-oriented and proactive GRC Security Analyst to join our IT Shared Services team. This role will be responsible for driving Governance, Risk, and Compliance initiatives with a strong emphasis on HIPAA and SOC 2 Type 2 audit readiness, facilitation, and remediation. The ideal candidate will bring a blend of technical acumen, regulatory expertise, and collaborative spirit to help ensure our security posture aligns with industry standards and regulatory requirements.

• Lead and support GRC activities across IT Security, including risk assessments, control testing, and compliance tracking.
• Facilitate and manage SOC 2 Type 2 audits and HIPAA compliance programs.
• Collaborate with internal teams to identify gaps, define remediation plans, and monitor progress.
• Maintain and improve security policies, procedures, and documentation.
• Assist in vendor risk management and third-party assessments.
• Provide guidance and training on compliance requirements to cross-functional teams.
• Stay current on regulatory changes and industry best practices.

• Experience: Minimum 3 years in GRC, IT Security, or related fields; 5+ years preferred.
• Education: Bachelor’s degree in Information Security, Computer Science, or related field preferred. May be offset by 5+ years of relevant experience.
• Certifications: CISA, CRISC, or similar certifications preferred.
• Skills:
  • Strong understanding of HIPAA and SOC 2 frameworks.
  • Experience with audit facilitation and compliance reporting.
  • Excellent communication and documentation skills.
  • Ability to work independently and manage multiple priorities.

We’re thrilled to announce that Curana Health has been named the 147^th fastest growing, privately owned company in the nation on Inc. magazine’s prestigious Inc. 5000 list. Curana also ranked 16^th in the “Healthcare & Medical” industry category and 21^st in Texas.

This recognition underscores Curana Health’s impact in transforming senior housing by supporting operator stability and ensuring seniors receive the high-quality care they deserve.