Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format.Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care.By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare.What We're Looking ForWe are seeking a highly skilled Senior Risk Analyst (GRC) who will play a critical role in executing our information security risk management, governance, and security awareness programs. This role is ideal for a GRC professional with strong experience in risk analysis, stakeholder (technical and non-technical) communication, quantitative and qualitative reporting, and collaborates with an agile, solution-oriented mindset.You will focus primarily on operational GRC execution, including risk assessments, remediation tracking, policy and data governance, and security awareness support. You will also partner cross-functionally to help automate processes, build scalable workflows, and mature our governance programs in a complex and rapidly evolving environment.What You Will DoWork remotely and operate both independently and collaboratively to provide expert-level GRC analysis.Perform ongoing information security risk assessments across vendors, systems, processes, and business units using standardized methodologies.Support continuous improvement of risk processes, including risk quantification, control mapping, scoring, and trend analysis.Contribute to remediation tracking and automation, including validation of actions, follow-ups with owners, and reporting on overdue or at-risk items.Support policy and standards governance, including drafting, revisions, approvals, publication, and tracking.Support governance committee activities, including Artificial Intelligence and Software review workflowsAdminister and enhance security awareness and training initiatives.Participate in maturing the Data Governance program by supporting data classification, inventory management, and risk identification using DSPM tooling.Build dashboards and analytics to visualize risk trends, key performance indicators, and remediation progress.Identify opportunities to streamline workflows, reduce manual effort, and improve scalability and agility.Collaborate with cross-functional teams to assess risks and support consistent security control application.Translate technical risks into clear, business-relevant insights for stakeholders.What You Need To SucceedExperience: 4-6 years of hands-on experience in Information Security, GRC, risk management or security awareness.Technical Proficiency: Strong understanding of security controls, frameworks, and IT processes. Experience working with GRC platforms (TrustCloud preferred), JIRA, and BI tools such as Sigma.Analytical Skills: Strong analytical and problem-solving abilities, with a keen attention to detail and the capacity to manage multiple priorities in a fast-paced environment.Communication Skills: Excellent communication and interpersonal skills, capable of effectively engaging with cross-functional teams and stakeholders across technical and non-technical roles.Adaptability: Strong ability to operate in an ambiguous, fast-moving, innovation-focused environment while maintaining high-quality execution.What Helps You Stand OutExperience: Strong understanding of security and privacy frameworks such as HITRUST, HIPAA, ISO 27001, PCI, SOC 2, NIST 800-53, or FedRAMP.Certifications: Possession of industry-recognized security, audit or related professional certifications such as CRISC, CISSP, CISA, or CISM.Healthcare Industry Experience: Prior experience in IT security and GRC functions within the healthcare sector.GRC and Analytics Tooling Experience: Hands-on experience with GRC platforms used for risk tracking, control mapping, and audit readiness. Proficiency in developing dashboards and visualizations that communicate risk, remediation, and compliance trends to leadership.We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive.We are proud to be an Equal Employment Opportunity employer. Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please request it here, by selecting the 'Interview Accommodation Request' category. You will need your requisition ID when submitting your request, you can find instructions for locating it here. Requests for reasonable accommodations will be reviewed on a case-by-case basis.For more information about how we collect and use your data, please review our Privacy Policy.