Sr. Risk and Compliance Analyst at Abacus Insights

| Greater Boston Area
Sorry, this job was removed at 5:31 p.m. (EST) on Wednesday, February 26, 2020
Find out who's hiring in Boston.
See all Operations jobs in Boston
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Abacus Insights is a mission-driven, start-up technology company that is focused on improving health outcomes, lowering the cost of healthcare, and delivering a more seamless healthcare experience.  At our core, we are passionate about advancing healthcare and improving people’s lives through technology.

With our deep expertise in cloud-enabled technologies and knowledge of the healthcare industry, we have built an innovative data integration and management platform that allows healthcare payers access to data that has been historically siloed and inaccessible. Through our platform, these health insurance payers can ingest and manage all the data they need to transform their business by supporting their analytical, operational, and financial needs.

Through this mission and passion to aid people and population health, we have built a highly successful SaaS business that is heavily funded (since our founding in 2017 we have over 18 million) by leading VC firms who have deep expertise in the healthcare and technology industries. At Abacus, we are solving problems of massive scale and complexity in an industry that is not only ripe for disruption but requires innovation. We see massive growth in our future and would love for you to be a part of it!

As Abacus is preparing for its next phase of growth and continues to expand our customer base, we have recognized the need for a Senior Risk and Compliance Analyst. This role will play a critical part in helping to build and ship secure products with velocity, while protecting the critical customer production and corporate infrastructure.

The role of Senior Risk/Compliance Analyst will include the following responsibilities:

  • Establish the company compliance and risk charter and function
  • Lead Information Risk and Compliance projects by coordinating activities and timetables with business units
  • Maintain the schedule of activities required for compliance and assist in the completion of these activities.
  • Prepare and maintain Information Systems and compliance policies, procedures, standards, and guidelines
  • Collaborate with company functions and implement procedures with evidence gathering
  • Curate, develop, review, and administer information security awareness and training material for compliance obligations
  • Apply MyCSF for self-assessments and managing compliance and risk maturity
  • Perform gap analysis on existing policies and procedures relating to information security, acceptable use, security development standards, and other applicable areas based on risks, current threats, and industry best practices.
  • Propose additional policies, or changes to existing policies, based on identified gaps
  • Supports HITRUST and Service Organization Control (SOC 2) and internal audit requirements and activities by assisting in the planning and execution of assessments to minimize disruption on business processes and operational systems
  • Support efforts to gather documentation and supporting evidence and facilitates external and internal audit requests
  • Manage the remediation activities from assessments, audit findings and compliance related issues
  • Conduct security audits, review security risk assessments, and make recommendations for security improvements in existing application, network, technology, and processes, or to achieve compliance with applicable regulations relating to research data and information
  • Assist with customer audits in collaboration with Sales/Services teams and supports maintenance of a database to facilitate timely responses.
  • Assists with security/compliance evaluations of third party vendors.

Required Skills/Experience:

  • Bachelor’s degree with 5 years assessment experience to include experience in Information Security or Audit, and Information Security Risk or Compliance Assessment OR an equivalent combination of Education and Training totaling 4 years with an additional 7 years of experience in Information Security and Information Security Assessment.
  • Knowledge of risk assessment design and delivery
  • Knowledge of / experience working with AWS Cloud technologies/environments


  • Familiarity with some relevant security frameworks such as HITRUST, SOC2, FedRAMP, ISO 27001, GDPR, PCI, etc.
  • Proven experience building productive relationships with Technical Operations, Security Operations, Incident Response, Technical Compliance and other stakeholders
  • Ability to prioritize and multitask. Flexibility and adaptability in work approach.
  • Strong written and verbal communication skills.

Desired Skills/Experience:

  • Professional security management certification: CISSP or CISA preferred
  • Past experience in audit participation and certification is desirable
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • ScalaLanguages
    • SqlLanguages
    • AWSLanguages
    • TerraformLanguages
    • GitlabLanguages
    • ReactLibraries
    • ReduxLibraries
    • SparkFrameworks
    • MySQLDatabases


In the heart of Boston Financial District. 10/15 Minute walk from both South and North Station. Short walks to historic North End and Faneuil Hall.

An Insider's view of Abacus Insights

How does the company support your career growth?

Career growth is a focal point at Abacus and something that is always promoted at our all hands meetings. It has been tremendously supported at Abacus and preached by leadership through action. Abacus dedicates funds for each department to attend conferences/workshops and travel associated. I haven't seen that much our of earlier stage companies.

Dave Aquilino

Talent Acquisition Manager

How do you make yourself accessible to the rest of the team?

We are a small but growing company, located in 2 cities, have beads working remotely, and some travel a lot. Remaining connected to the team is critical and I use as many of the existing tools possible email, Slack, Zoom, confluence. Our offices are all open plan so accessing me is easy and it is more likely that I will access my team!

Minal Patel


What are Abacus Insights Perks + Benefits

Partners with Nonprofits
Participation in the Wonderfund. A non-profit focused on providing comfort and dignity to children in traumatic situations and enrich childhoods that have been impacted by abuse and neglect.
Friends outside of work
Eat lunch together
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Abacus employees can contribute up to $2750 annually to their Health Care FSA, and up to $5,000 annually to their Dependent Care FSA.
Disability Insurance
Disability insurance covers 60% of annual salary up to $12500 monthly maximum payout.
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Onsite Gym
Retirement & Stock Options Benefits
Company Equity
Performance Bonus
Child Care & Parental Leave Benefits
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Stocked Kitchen
We offer employees Free on-site garage parking.
Pet Friendly
The Abacus office is located in a dog-friendly building.
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Lunch and learns
Cross functional training encouraged
Promote from within
More Jobs at Abacus Insights7 open jobs
All Jobs
Data + Analytics
Dev + Engineer
Data + Analytics
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Abacus Insights's full profileSee more Abacus Insights jobs