GRC Analyst

ABOUT ARTERAOur Mission: Make healthcare #1 in customer service.What We Deliver: Artera, a SaaS leader in digital health, transforms patient experience with AI-powered virtual agents (voice and text) for every step of the patient journey. Trusted by 1,000 provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually. Artera’s virtual agents support front desk staff to improve patient access including self-scheduling, intake, forms, billing and more. Whether augmenting a team or unleashing a fully autonomous digital workforce, Artera offers multiple virtual agent options to meet healthcare organizations where they are in their AI journey. Artera helps support 2B communications in 109 languages across voice, text and web. A decade of healthcare expertise, powered by AI. Our Impact: Trusted by 1,000 provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually. Our award-winning culture: Our award-winning culture: Since founding in 2015, Artera has consistently been recognized for its innovative technology, business growth, and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (2020, 2021, 2022, 2023, 2024); Deloitte Technology Fast 500 (2021, 2022, 2023, 2024, 2025); Built In Best Companies to Work For (2021, 2022, 2023, 2024, 2025). Artera has also been recognized by Forbes as one of “America’s Best Startup Employers,” Newsweek as one of the “World’s Best Digital Health Companies,” and named one of the top “44 Startups to Bet your Career on in 2024” by Business Insider.SUMMARYArtera is seeking a mid-level GRC Analyst to join our Information Security team and help us strengthen and scale our security and compliance program, particularly as we expand our work in the federal space. This individual will play a key role in supporting continuous monitoring efforts tied to FedRAMP High. While prior FedRAMP experience is strongly preferred, it’s not required; we’re looking for someone with curiosity, initiative, and a desire to grow in this space.This is a great opportunity for someone who enjoys the intersection of technical systems and risk management, and who’s motivated by process improvement, automation, and collaborative problem-solving. You’ll work cross-functionally with teams like DevOps, Engineering, Privacy, and IT, and partner closely with auditors and external stakeholders. Your work will directly support audit readiness, vulnerability tracking, and the evolution of a proactive, efficient compliance program.RESPONSIBILITIESSupport the ongoing maintenance of our FedRAMP High continuous monitoring program, including evidence collection and reportingTrack, review, and document vulnerability scan data; ensure remediation efforts are auditable and timelyManage security-related tickets and cases in systems like Jira, SharePoint, and internal documentation toolsCollaborate with Engineering, DevOps, IT, and Privacy to collect data, verify controls, and support audit readinessAnswer auditor and federal agency questions by compiling and submitting relevant documentationIdentify manual or repetitive processes and propose automation opportunities (scripts, tools, templates, etc.)Conduct internal access reviews, policy checks, and other posture assessments across systemsHelp build scalable documentation, workflows, and templates to reduce audit fatigueContribute to security roadmap planning by identifying gaps or inefficiencies in current processesStay current on security trends and evolving standards relevant to federal and commercial complianceREQUIREMENTS4 years of experience in security, GRC, or a related technical/compliance roleMust be eligible to obtain and maintain a U.S. government security clearance to support work across both commercial and federal programsFamiliarity with compliance frameworks like SOC 2, HIPAA, HITRUST, PCI, or ISO 27001 (FedRAMP preferred)Experience reviewing or managing vulnerability scans (e.g., Wazuh, Tenable) and related ticketingProficiency in Microsoft tools (Excel, SharePoint, Word); comfortable managing and navigating documentationExcellent attention to detail, systems thinking, and ability to manage multiple data streamsStrong communication and collaboration skills, especially across technical and non-technical teamsBONUSExposure to scripting or automation tools (e.g., Excel macros, PowerAutomate)Experience using GRC platforms like Drata, HyperProof, or similarThreat hunting or familiarity with tools like CrowdStrike, Splunk, or ElasticSearchThe compensation for this role will be based on level of experience and the geographic tier in which you are located. This position also comes with equity and a variety of benefits.Tier 1 Salary: $108,000 - $130,000   Non-Tier 1 Salary: $97,000 - $116,000This role supports federal-facing systems and contributes to enterprise security functions. Candidates must meet eligibility for a government background check and follow strict data protection, access control, and incident response protocols. Familiarity with regulatory frameworks is expected. Ongoing compliance training and evidence-based documentation may be required.OUR APPROACH TO WORK LOCATIONArtera has hybrid office locations in Santa Barbara, CA, and Philadelphia (Wayne), PA, where team members typically come in three days a week. Specific frequency can vary depending on your team's needs, manager expectations and/or role responsibilities.In addition to our U.S. office locations, we are intentionally building geographically concentrated teams in several key metropolitan areas, which we call our “Hiring Hubs.” We are currently hiring remote candidates located within the following hiring hubs:- Boston Metro Area, MA- Chicago Metro Area, IL- Denver Metro Area, CO- Kansas City Metro Area (KS/MO)- Los Angeles Metro Area, CA- San Francisco / Bay Area, CA- Seattle Metro Area, WAThis hub-based model helps us cultivate strong local connections and team cohesion, even in a distributed environment. To be eligible for employment at Artera, candidates must reside in one of our hybrid office cities or one of the designated hiring hubs. Specific roles may call out location preferences when relevant.As our hubs grow, we may establish local offices to further enhance in-person connection and collaboration. While there are no current plans in place, should an office open in your area, we anticipate implementing a hybrid model. Any future attendance expectations would be developed thoughtfully, considering factors like typical commute times and access to public transit, to ensure they are fair and practical for the local team.WORKING AT ARTERA Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, company equity, voluntary benefits, 401(k) and more! Career development - Manager development cohorts, employee development fundsGenerous time off - Company holidays, Winter & Summer break, and flexible time offEmployee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join. EQUAL EMPLOYMENT OPPORTUNITY (EEO) STATEMENTArtera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs, job requirements and individual qualifications. All candidates are considered without regard to race, color, religion, gender, sexuality, national origin, age, disability, genetics or any other protected status. Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind.Artera provides reasonable accommodations for applicants and employees in compliance with state and federal laws. If you need an accommodation, please reach out to hr@artera.io.DATA PRIVACYArtera values your privacy. By submitting your application, you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our Privacy Policy.SECURITY REQUIREMENTSAll employees are responsible for protecting the confidentiality, integrity, and availability of the organization’s systems and data, including safeguarding Artera’s sensitive information such as, Personal identifiable Information (PII) and Protected Health Information (PHI). Those with specific security or privacy responsibilities must ensure compliance with organizational policies, regulatory requirements, and applicable standards and frameworks by implementing safeguards, monitoring for threats, reporting incidents, and addressing data handling risks or breaches.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Salary : $97,000 - $116,000