Easy Apply
Easy Apply
The GRC Analyst will strengthen Artera's security and compliance program, especially for FedRAMP High, coordinating with various technical teams to ensure audit readiness and support risk management processes.
ABOUT ARTERA
Our Mission: Make healthcare #1 in customer service.
What We Deliver: Artera, a SaaS leader in digital health, transforms patient experience with AI-powered virtual agents (voice and text) for every step of the patient journey. Trusted by 1,000+ provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually. Artera’s virtual agents support front desk staff to improve patient access including self-scheduling, intake, forms, billing and more. Whether augmenting a team or unleashing a fully autonomous digital workforce, Artera offers multiple virtual agent options to meet healthcare organizations where they are in their AI journey. Artera helps support 2B communications in 109 languages across voice, text and web. A decade of healthcare expertise, powered by AI.
Our Impact: Trusted by 900+ provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually.
Our award-winning culture: Our award-winning culture: Since founding in 2015, Artera has consistently been recognized for its innovative technology, business growth, and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (2020, 2021, 2022, 2023, 2024); Deloitte Technology Fast 500 (2021, 2022, 2023, 2024); Built In Best Companies to Work For (2021, 2022, 2023, 2024, 2025). Artera has also been recognized by Forbes as one of “America’s Best Startup Employers,” Newsweek as one of the “World’s Best Digital Health Companies,” and named one of the top “44 Startups to Bet your Career on in 2024” by Business Insider.
SUMMARY
Artera is seeking a mid-level GRC Analyst to join our Information Security team and help us strengthen and scale our security and compliance program, particularly as we expand our work in the federal space. This individual will play a key role in supporting continuous monitoring efforts tied to FedRAMP High. While prior FedRAMP experience is strongly preferred, it’s not required; we’re looking for someone with curiosity, initiative, and a desire to grow in this space.
This is a great opportunity for someone who enjoys the intersection of technical systems and risk management, and who’s motivated by process improvement, automation, and collaborative problem-solving. You’ll work cross-functionally with teams like DevOps, Engineering, Privacy, and IT, and partner closely with auditors and external stakeholders. Your work will directly support audit readiness, vulnerability tracking, and the evolution of a proactive, efficient compliance program.
RESPONSIBILITIES
- Support the ongoing maintenance of our FedRAMP High continuous monitoring program, including evidence collection and reporting
- Track, review, and document vulnerability scan data; ensure remediation efforts are auditable and timely
- Manage security-related tickets and cases in systems like Jira, SharePoint, and internal documentation tools
- Collaborate with Engineering, DevOps, IT, and Privacy to collect data, verify controls, and support audit readiness
- Answer auditor and federal agency questions by compiling and submitting relevant documentation
- Identify manual or repetitive processes and propose automation opportunities (scripts, tools, templates, etc.)
- Conduct internal access reviews, policy checks, and other posture assessments across systems
- Help build scalable documentation, workflows, and templates to reduce audit fatigue
- Contribute to security roadmap planning by identifying gaps or inefficiencies in current processes
- Stay current on security trends and evolving standards relevant to federal and commercial compliance
REQUIREMENTS
- 4+ years of experience in security, GRC, or a related technical/compliance role
- Must be eligible to obtain and maintain a U.S. government security clearance to support work across both commercial and federal programs
- Familiarity with compliance frameworks like SOC 2, HIPAA, HITRUST, PCI, or ISO 27001 (FedRAMP preferred)
- Experience reviewing or managing vulnerability scans (e.g., Wazuh, Tenable) and related ticketing
- Proficiency in Microsoft tools (Excel, SharePoint, Word); comfortable managing and navigating documentation
- Excellent attention to detail, systems thinking, and ability to manage multiple data streams
- Strong communication and collaboration skills, especially across technical and non-technical teams
BONUS
- Exposure to scripting or automation tools (e.g., Excel macros, PowerAutomate)
- Experience using GRC platforms like Drata, HyperProof, or similar
- Threat hunting or familiarity with tools like CrowdStrike, Splunk, or ElasticSearch
OUR APPROACH TO WORK LOCATION
Artera has hybrid office locations in Santa Barbara, CA, and Philadelphia (Wayne), PA, where team members typically come in three days a week. Specific frequency can vary depending on your team's needs, manager expectations and/or role responsibilities.
In addition to our U.S. office locations, we are intentionally building geographically concentrated teams in several key metropolitan areas, which we call our “Hiring Hubs.” We are currently hiring remote candidates located within the following hiring hubs:
- Boston Metro Area, MA
- Chicago Metro Area, IL
- Denver Metro Area, CO
- Kansas City Metro Area (KS/MO)
- Los Angeles Metro Area, CA
- San Francisco / Bay Area, CA
- Seattle Metro Area, WA
This hub-based model helps us cultivate strong local connections and team cohesion, even in a distributed environment.
To be eligible for employment at Artera, candidates must reside in one of our hybrid office cities or one of the designated hiring hubs. Specific roles may call out location preferences when relevant.
As our hubs grow, we may establish local offices to further enhance in-person connection and collaboration. While there are no current plans in place, should an office open in your area, we anticipate implementing a hybrid model. Any future attendance expectations would be developed thoughtfully, considering factors like typical commute times and access to public transit, to ensure they are fair and practical for the local team.
WORKING AT ARTERA
Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, company equity, voluntary benefits, 401(k) and more!
Career development - Manager development cohorts, employee development funds
Generous time off - Company holidays, Winter & Summer break, and flexible time off
Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join.
EQUAL EMPLOYMENT OPPORTUNITY (EEO) STATEMENT
Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs, job requirements and individual qualifications. All candidates are considered without regard to race, color, religion, gender, sexuality, national origin, age, disability, genetics or any other protected status.
Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind.
Artera provides reasonable accommodations for applicants and employees in compliance with state and federal laws. If you need an accommodation, please reach out to [email protected].
DATA PRIVACY
Artera values your privacy. By submitting your application, you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our Privacy Policy.
SECURITY REQUIREMENTS
All employees are responsible for protecting the confidentiality, integrity, and availability of the organization’s systems and data, including safeguarding Artera’s sensitive information such as, Personal identifiable Information (PII) and Protected Health Information (PHI). Those with specific security or privacy responsibilities must ensure compliance with organizational policies, regulatory requirements, and applicable standards and frameworks by implementing safeguards, monitoring for threats, reporting incidents, and addressing data handling risks or breaches.
Top Skills
JIRA
Excel
Microsoft Sharepoint
Microsoft Word
Sharepoint
Artera Boston, Massachusetts, USA Office
Artera Boston Hub Office
We have the Boston Area listed as we are refocusing efforts in 9 US-based hubs. If you live in the Boston Area your role will be remote to start. As our team continues to grow in this area, Artera will be considering opening an office. Once that happens, we will move to a hybrid work model.
Similar Jobs at Artera
.png)
Healthtech • Other • Sales • Software • Analytics • Conversational AI
The SecOps Engineer II will integrate security into infrastructure and tools, manage vulnerabilities, and collaborate across teams to ensure compliance.
Top Skills:
AlienvaultAWSBashCarbonblackEndpoint ProtectionFirewallsGuarddutyIds/IpsScripting In PythonSIEM
Healthtech • Other • Sales • Software • Analytics • Conversational AI
The Senior Machine Learning Engineer will develop AI agents for healthcare workflows, collaborating with various teams to enhance patient engagement and automate processes using cutting-edge technology.
Top Skills:
AirflowAWSDagsterHugging FaceLangchainPythonSQLTensorFlowTypescript
Healthtech • Other • Sales • Software • Analytics • Conversational AI
The Senior Customer Success Manager will build trusted relationships with healthcare clients, ensuring their success and satisfaction while driving platform adoption and growth through strategic support and guidance.
Top Skills:
Salesforce
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
