Security GRC Analyst

Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.

How you can make a difference

Help shape the future of HealthEquity’s security, privacy, and compliance landscape in a role designed for someone who is early in their career and eager to learn. This position offers rare visibility across Security, Privacy, Legal, and Compliance and is a strong fit for someone who thrives in a remote environment, takes initiative, asks questions, and collaborates well virtually.

You will begin by mastering client security questionnaires, partner assessments, and contract reviews. These responsibilities build deep foundational knowledge of our policies, controls, and security posture. As you grow, you will expand into broader GRC, audit, and continuous improvement initiatives that help mature HealthEquity’s overall governance program.

What We’re Looking For

* Someone who thrives in a remote environment and collaborates proactively.
* A natural questionasker who seeks clarity early and communicates well in virtual channels.
* Strong attention to detail with a willingness to learn complex subject matter.
* Clear written and verbal communication, especially when responding to client security inquiries.
* Dependability, organization, and comfort managing multiple incoming requests.
* Interest in how security controls, audits, and risk processes work in a regulated environment.
* Ability to work with both technical and nontechnical partners.
* A customerservice mindset focused on accuracy, timeliness, and transparency.

What you’ll be doing

This Year’s Responsibilities
These are the core areas you will own during your first year as you build deep subject matter knowledge:
* Own the intake, review, and completion of client security questionnaires and partner assessments.
* Support contract reviews by coordinating with Privacy, Security, Legal, and Compliance and learning how to identify risks, missing terms, and required redlines.
* Develop strong working knowledge of HealthEquity’s security policies, standards, and controls so you can confidently and accurately respond to client inquiries.
You will also collaborate closely with your team, ask questions early and often, and grow comfortable working in a fastpaced remote environment using virtual tools like Teams, email, and shared workspaces.

Once You Grow Into the Role
As you gain mastery in questionnaires, contracts, and our security landscape, you will take on additional responsibilities that support broader GRC maturity:
* Organize and validate evidence for external audits and certifications such as SOC 2, HITRUST, PCI, HIPAA, or FedRAMP.
* Assist with internal control reviews and risk assessments by documenting gaps and identifying improvement opportunities.
* Maintain and update security control inventories, mappings, and evidence repositories.
* Partner with control owners across Security, IT, and Compliance to ensure timely and complete audit responses.
* Support tracking of remediation items, control testing cycles, and continuous monitoring activities.
* Contribute to standard operating procedures, process documentation, and repeatable GRC playbooks.
* Help create awareness, training materials, and guidance for internal teams and clientfacing groups.

What you will need to be successful

#LI-Remote

This is a remote position.

$36.30 To $56.01 / hour

The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Full-time team members receive a minimum of 18 days of annual PTO and 13 paid holidays per year
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education& tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives

HealthEquity has a vision that by2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.

You belong at HealthEquity!

HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity – you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity’s applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity uses Microsoft Copilot to transcribe screening interviews between candidates and their direct Talent Partner for note taking and interview summaries. By scheduling a screening interview with us, you consent to Microsoft Copilot’s AI technology recording and transcribing your interview with your Talent Partner. This information will be reviewed for accuracy and then used by HealthEquity to summarize the interview, ensure accuracy, and facilitate our hiring process. We take privacy seriously. You have the option to opt out. If you wish to opt out of this Microsoft Copilot transcription, please notify your Talent Partner in advance of the interview. If we do not receive an opt-out request from you, we will assume that you consent to the use of Microsoft Copilot.

At HealthEquity, our goal is to save and improve lives by empowering healthcare consumers. This shared purpose inspires everything we do, including how we approach hiring. Our process is designed to get to know the real you: your skills, experiences, and potential to make a difference. We value honesty, originality, and the courage to do the right thing, even when it is not the easiest path. Showing up as your authentic self reflects these values and helps us build something truly remarkable together.

As AI is becoming a common tool throughout the Application process, we want to be clear about its appropriate use at HealthEquity. Using AI to support resume writing, research, or interview preparation is perfectly acceptable, provided the content is accurate and genuinely represents your qualifications and skills. For other key parts of our interview process, however, it is important that the ideas, communication, and work you share reflect your own voice, experiences, and thinking. We ask that you participate in our live interviews and complete any assessments without AI assistance unless instructions explicitly indicate otherwise or a specific exception is discussed and approved in advance. This approach ensures fairness, celebrates your individuality, and allows your authentic perspective to shine. Behaviors that do not align with these guidelines may result in disqualification from the hiring process or termination of employment if later discovered. We appreciate your understanding and look forward to learning about the unique contributions only you can bring to HealthEquity.

HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.