Get your career started at eHealth

eHealthInsurance has many exciting career opportunities in a number of locations, across various functions. Come join us today!

eHealth is America’s first and largest private online marketplace for health insurance, which allows individuals, families, and small businesses to compare insurance options side by side and enroll in coverage. Our mission is to help everyone find affordable Healthcare coverage through our website technology, consumer advocacy, and personalized customer assistance. The company has continued to evolve into an effective Expedia equivalent in the health care space. The increasing confidence that analysts and shareholders are demonstrating by our record share price is a testimony to our position in the health care market. Building a high-performance culture is critical for eHealth to continue on our path of intelligent and rapid growth and to win with our customers.

We’re looking for a versatile Governance, Risk, and Compliance (GRC) professional passionate about the people, processes, and technology that enable eHealth to achieve its mission. Your expertise will help to drive improvements to eHealth’s Information Security, Governance, Compliance, and Risk Assessment processes to empower sound decision-making. Your interpersonal skills will help foster a risk-aware culture throughout the company.

Compliance is a crucial pillar supporting eHealth’s overall Information Security Program. As an individual contributor on the GRC team, you will work with stakeholders across IT, Engineering, Legal, and HR along with other members of the GRC team. You will be responsible for assessing, evaluating, and making recommendations to leadership regarding the implementation of security controls aligned with SOC2 and eHealth's Risk Management program.

Your Day to Day with include:

• Assisting with internal and external audit engagements (SOC2, PCI-DSS, SOX, etc.)
  • Gather control evidence to ensure the information provided fulfills the requirements
  • Organize audit evidence and manage the control and process libraries
  • Assist the business to assess, document and remediate risks identified during the assessment
• Contributing to eHealth’s compliance maturity:
  • Work with the business to implement sound security controls aligned with the security policies and standards and identify control gaps
  • Develop metrics to report to management
• Assisting with Security awareness training and phishing campaign exercises
• Working with business partners to respond to carrier security questionnaires
• Evaluating the status of projects to identify and implement appropriate corrective measures to resolve security concerns as they arise

As an eHealth GRC Compliance Analyst, your background will look like:

• A Bachelor's degree in Information Security or Information Systems
• 3+ years of experience working in an Information Security audit setting such as SOC2, SOX, PCI-DSS, and knowledge of security controls including NIST, HIPAA, & Privacy
• Able to foster a collaborative working relationship in a fast-paced, team-oriented environment
• Strong written and verbal communication skills with a proven ability to hold constructive discussions with the business to ensure risks are adequately addressed

Preferred Qualifications:

• Attention to details and strong research skills
• Ability to analyze problems from different angles and foster multiple perspectives
• Experience with risk management tool administration and configuration is a plus
• Experience in scripting and basic Linux skills

You’ll be part of an open-minded and cohesive team that works toward shared goals. We’re passionate about growing a diverse and inclusive information security team at eHealth because it makes us a stronger company and we’re stronger together. eHealth is committed to creating an inclusive space for everyone, no matter what.

#LI-TB1

#LI-Remote

eHealth is an Equal Employment Opportunity employer. It is our policy to provide equal opportunity to all employees and applicants and to prohibit any discrimination because of race, color, religion, sex, national origin, age, marital status, sexual orientation, genetic information, disability, protected veteran status, or any other consideration made unlawful by applicable federal, state or local laws. The foundation of these policies is our commitment to treat everyone fairly and equally and to have a bias-free work environment.

If you are interested in applying for employment with eHealth and need special assistance or an accommodation to apply for a posted position contact us at:  [email protected].