Job Description
Join to apply for the InfoSec Compliance Analyst role at Zus Health
Join to apply for the InfoSec Compliance Analyst role at Zus Health
Who We Are
Zus is a shared health data platform designed to accelerate healthcare data interoperability by providing easy-to-use patient data via API, embedded components, and direct EHR integrations. Founded in 2021 by Jonathan Bush, co-founder and former CEO of athenahealth, Zus partners with HIEs and other data networks to aggregate patient clinical history and then translates that history into user-friendly information at the point of care. Zus's mission is to catalyze healthcare's greatest inventors by maximizing the value of patient insights - so that they can build up, not around.
Who We Are
Zus is a shared health data platform designed to accelerate healthcare data interoperability by providing easy-to-use patient data via API, embedded components, and direct EHR integrations. Founded in 2021 by Jonathan Bush, co-founder and former CEO of athenahealth, Zus partners with HIEs and other data networks to aggregate patient clinical history and then translates that history into user-friendly information at the point of care. Zus's mission is to catalyze healthcare's greatest inventors by maximizing the value of patient insights - so that they can build up, not around.
What we’re looking for
We are looking for an InfoSec Compliance Analyst to support and mature our InfoSec and Compliance programs. This role is perfect for someone who is process-driven, organized, and curious — with an eye for documentation, systems, and continuous improvement. You’ll be a critical partner in maintaining and enhancing our security practices, with opportunities to grow deeper into the Risk and InfoSec management space (e.g., AWS, DevOps, and security infrastructure) over time.
You’ll report to our Manager of InfoSec and collaborate cross-functionally with IT, Engineering, Legal, People Ops, and other teams to keep our security, privacy, and compliance programs running smoothly and effectively
As part of our team, you will be responsible for
Risk and Compliance Management
Maintaining and monitoring SOC 2 controls, tests, and evidence. Assisting with coordination of any required remediation or documentation generation.
Proactively identifying, raising, and documenting risks as part of our ongoing Risk Management program.
Performing access reviews across Zus Identity-Provider (Okta), customer environments, SaaS tools, and Google Workspace.
Operational Security Stewardship
Performing the security review aspect of new software acquisition or purchase request within Zus
Managing Vendor Review and Third-Party Risk Management (TPRM) workflows.
Leading the configuration, maintenance, and reporting for security awareness and anti-phishing campaigns.
InfoSec Planning and Program Coordination
Operating the master InfoSec program schedule, ensuring all annual and quarterly security activities are completed on time, documented thoroughly, and the compliance artifacts are generated and securely stored..
Planning, coordinating, and publishing materials for scheduled activities such as postmortems, incident debriefs, and tabletop exercises.
Driving annual compliance activities, such as Disaster Recovery tests, Incident Response tests, Network reviews, Penetration tests, Risk Assessments, and Customer SSO credential rotations.
Coordinating quarterly compliance reviews in partnership with Legal and other stakeholders.
Process Improvement
Helping prioritize and track incident postmortem follow-up actions.
Contribute to implementation work related to configuration-as-code and GitOps workflows.
Maintain hygiene (related to sensitive customer data, PHI) in shared environments (e.g., Google Drive monitoring and cleanup).
You're a good fit because you have
Organized, detail-oriented, and accountable — you take pride in running a tight ship.
Strong project and documentation skills; you can wrangle chaos into a crisp Confluence page and clearly defined Jira tickets.
Familiarity with SIEM tools.
Fast and effective: you know how to move things forward without overcomplicating them.
A self-starter attitude that shows that you are ready for the fast, and sometimes unstructured nature of an early startup.
It would be great if you had
Interest in growing into AWS, DevOps, and Security infrastructure concepts — you don’t need to be a developer, but you’re curious and eager to learn.
Previous experience supporting SOC 2 audits or other security frameworks (HIPAA, ISO 27001, HITRUST, etc.).
Exposure to tools like GitHub, Jira, GSuite Admin, TrustCloud, or AWS IAM is a plus.
Basic knowledge of infrastructure-as-code and configuration-as-code as well as CI/CD processes.
CISA certification.
$75,000 - $95,000 a year
This role is based in Boston with a hybrid schedule where you'll be expected to work in the office a few days per week. We're located at 1 Lincoln St.
We will offer you…
Competitive compensation that reflects the value you bring to the team a combination of cash and equity
Robust benefits that include health insurance, wellness benefits, 401k with a match, unlimited PTO
Opportunity to work alongside a passionate team that is determined to help change the world (and have fun doing it)
Please Note: Research shows that candidates from underrepresented backgrounds often don’t apply unless they meet 100% of the job criteria. While we have worked to consolidate the minimum qualifications for each role, we aren’t looking for someone who checks each box on a page; we’re looking for active learners and people who care about disrupting the current healthcare system with their unique experiences.
We do not conduct interviews by text nor will we send you a job offer unless you've interviewed with multiple people, including the Director of People & Talent, over video interviews. Job scams do exist so please be careful with your personal information.
Seniority level Seniority level Entry level
Employment type Employment type Full-time
Job function Job function Legal
Industries Software Development
Referrals increase your chances of interviewing at Zus Health by 2x
Sign in to set job alerts for “Compliance Analyst” roles. U.S. Ethics & Compliance Transparency Operations Manager Cambridge, MA $111,800.00-$175,670.00 5 days ago
Senior Compliance Officer - Investment Advisor Boston, MA $104,000.00-$156,000.00 1 day ago
Director of Compliance/ Compliance Officer Beverly, MA $110,000.00-$140,000.00 2 weeks ago
Regional Compliance Specialist (Boston HQ) Regulatory Affairs and Compliance Manager Woburn, MA $150,000.00-$170,000.00 1 day ago
Senior Compliance Officer - Marketing Review U.S. Ethics & Compliance Transparency Operations Manager Lexington, MA $111,800.00-$175,670.00 2 weeks ago
VP, Compliance Officer - Asset Management Boston, MA $80,083.00-$170,031.00 5 days ago
Senior Manager of Employee Relations and Compliance SR Regulatory Compliance & Audits Specialist, MassHealth Boston, MA $125,000.00-$160,000.00 5 days ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr Zus Health
Job Tags
Full time,
Similar Jobs
Gordon Food Service
...Company Note Savings Program~12 Week - 100% Paid Maternity Leave~ Free Health Management Resources and Programs As a Van Delivery Driver you will be responsible for courteous, on-time, and accurate deliveries of products with a variable daily route. This role...
AccuSwift Logistics, LLC
...cargo vans with packagesProvide exceptional customer service experience to Amazon customers.Be able to lift packages up to 50lbs with... ...be at least 21 to applyNo points on driving record within last 2 yearsNo CDL requiredFlexible Schedule AccuSwift Logistics, LLC
Yale New Haven Health
...RN (Nurse) ECC at Yale New Haven Health summary: The role is for a Registered Nurse who provides patient-centered care within a multidisciplinary... ...delivery and transitions in care. Health Teaching and Health Promotion: The RN employs strategies to promote health and a safe...
PGTEK
Dell EMC Services Delivery Engineer - TS/SCI clearance Location: Onsite - Aurora, COClearance Requirement: TS/SCI (TS with SCI eligibility acceptable)Salary: 130-160K (could potentially be flexible pending experience)Job Description: We are seeking a Dell EMC Services...
Manpower
...Our client, a leading distributor of high-performance engineering plastic shapes, is seeking a CNC Machine Operator to join their team. As a CNC Machine Operator, you will be part of a dynamic team supporting various operations. The ideal candidate will have attention...