Security & Compliance Analyst - CertifyOS

Job Title: Security & Compliance Analyst
Job Location: Pune
Job Listing URL: https://jobs.lever.co/certifyos/3b30e301-1fb9-470e-a7b3-5d645c244f05
Job Description: About Certify:
At CertifyOS, we're building the infrastructure that powers the next generation of provider data products, making healthcare more efficient, accessible, and innovative. Our platform is the ultimate source of truth for provider data, offering unparalleled ease and trust while making data easily accessible and actionable for the entire healthcare ecosystem.

What sets us apart? Our cutting-edge, API-first, UI-agnostic, end-to-end provider network management platform automates licensing, enrollment, credentialing, and network monitoring like never before. With direct integrations into hundreds of primary sources, we have an unbeatable advantage in enhancing visibility into the entire provider network management process. Plus, our team brings over 25+ years of combined experience building provider data systems at Oscar Health, and we're backed by top-tier VC firms who share our bold vision of creating a one-of-a-kind healthcare cloud that eliminates friction surrounding provider data.

But it's not just about the technology; it's about the people behind it. At Certify, we foster a meritocratic environment where every voice is heard, valued, and celebrated. We're founded on the principles of trust, transparency, and accountability, and we're not afraid to challenge the status quo at every turn. We're looking for purpose-driven individuals like you to join us on this exhilarating ride as we redefine healthcare data infrastructure.

Role Summary: We are expanding our security team and looking for a Security & Compliance Analyst to help build and maintain our organization’s security framework. This role is designed to shift our security focus from reactive firefighting to proactive monitoring and compliance. You will work under the guidance of senior leadership to monitor threats, manage vulnerabilities, and ensure audit readiness.
Key Responsibilities:
Security Operations (SecOps): Monitor security dashboards (SIEM, EDR), perform initial triage and investigation of security alerts, and assist with managing endpoint protection systems.
Vulnerability & Risk Management: Assist in scheduling and executing internal vulnerability scans; track and report on remediation efforts for identified security gaps.
Compliance & Audit Support: Support the collection of evidence for regulatory audits (e.g., system logs, access reports) and assist in drafting and updating IT security policies and procedures.
Security Awareness: Help conduct user awareness training programs, including phishing simulations and security best practices education for the entire organization.
Qualifications:
Fundamental knowledge of cybersecurity principles (CIA triad, common threats, basic networking).
Familiarity with security concepts like SIEM, Antivirus/EDR, or Vulnerability Management.
Strong attention to detail and ability to document processes accurately.
Interest in pursuing a career in Governance, Risk, and Compliance (GRC) or Security Operations.