Req # 101085

Senior Security and Compliance Analyst

San Francisco, CA US

Employee: Full Time Employee
Travel: 10%

About Castlight

At Castlight, our mission is to empower people to make the best choices for their health and to help companies make the most of their health benefits. We offer a health benefits platform that engages employees to make better healthcare decisions and can guide them to the right program, care, and provider. The platform also enables benefit leaders to communicate and measure their programs while driving employee engagement with targeted, relevant communications. 

To date, Castlight has partnered with more than 240 large enterprise customers, spanning millions of lives, to improve healthcare outcomes, lower costs, and increase benefits satisfaction.

Castlight Health is looking for a Senior Compliance Analyst to join the Security and Compliance team and assist with strengthening the compliance program. We are looking for someone to help manage projects, advocate security and compliance across the company, and help maintain internal audits and other compliance activities. This position can be based at our corporate headquarters in San Francisco, CA, or in our South Bay office in Mountain View, CA. The position will report to the Director of Security and Compliance.

  • Manage key risk, governance and compliance initiatives, assuring alignment to the policies and standards and creating processes that really work
  • Support the business by ensuring excellence in processes, controls and execution
  • Drive risk management activities, including conducting periodic risk assessments, providing guidance to the organization regarding project initiatives, and reviewing third-party risks associated with vendors, products and services
  • Work with the engineering, legal, HR and other teams to deliver meaningful documentation and process improvements
  • Determine operational pain points and optimize team-wide processes and procedures based on best practices and subject matter expertise
  • Further refine the development and implementation of key operational performance metrics and reports for management
  • Provide consultancy on compliance-related matters for internal and external partners
  • Provide mentorship for more junior analysts, including conducting quality control checks
  • Jump in to support other technical writing activities beyond security and compliance as time allows and demand arises
  • Help update policies and procedures to reflect the merits of predefined controls
  • Host/support external audits, compliance inquiries and/or surveys

  • 3-5 years of experience as a compliance analyst
  • Undergraduate degree in computer science, engineering, business, or a related discipline; advanced degree a plus 
  • Experience with compliance documentation, such as ISO 27001, HIPAA, HITRUST, SOC 2, or SOX
  • Must be able to work independently on a multi-task workload and produce a quality product under tight time constraints
  • Excellent analytical and written communication skills 
  • Excellent project management skills 
  • Ability to efficiently run meetings 
  • Ability to act effectively as a member of a team to resolve problems
  • Ability to simultaneously work on several projects with the flexibility to prioritize in a minimum amount of time
  • Ability to investigate and analyze technical and regulatory issues
  • Understands the requirements and incorporates them into the documentation 
  • Attentive to detail and accuracy, is committed to excellence, and owns and acts on quality problems 
  • Must be reliable, flexible and punctual
  • Ability to work in a fast-paced, test-driven, collaborative and iterative programming environment

Desired Skills:
  • Understanding of SOX, SOC 2, HIPAA, HITRUST, and ISO 27001
  • Previous auditing experience as an external auditor 
  • Big 4 experience strongly desired
  • Experience with Word, Excel, Google Docs, and Spreadsheets 
  • Experience with project management and leadership
  • Strong people skills
  • Strong interpersonal skills
  • Excellent oral and written skills

We are Castlight and we are…


* Changing healthcare is a team sport

* Teamwork requires respect

* Direct feedback is a gift that improves us

* Diversity makes us stronger

* We take care of ourselves and each other


* We put our mission first

* We are here to transform healthcare

* We tackle complex problems with curiosity, passion, and ambition

* We bring our best every day

* We learn and grow together


* Done well is better than perfect

* We move fast to accelerate execution and learning

* We are empowered to take action

* We own the outcome

* We win together

EEOC Statement
Castlight Health provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Castlight Health will provide reasonable accommodations for qualified individuals with disabilities.