Senior Client Security Analyst

The Client Success & Sales Support Analyst is a high-visibility, cross-functional role responsible for owning and centralizing the client security review process. Acting as the primary point of contact for all security questionnaires, this position manages the full lifecycle, from initial request through final delivery.

The analyst will triage and coordinate inputs from Security, Engineering, and IT teams to ensure timely and accurate responses, while driving process improvements that enhance both the sales and client success cycles. This is a remote role that sits within the Governance, Risk & Compliance (GRC) team and reports directly to the Senior Manager, GRC.

• Own the end-to-end process for all client and prospect security questionnaires, acting as the central project manager from the initial JIRA ticket to final delivery.
• Review, triage, and assign all questions to the appropriate cross-functional teams (e.g., Engineering, IT, Legal), eliminating ambiguity and coordination burdens from the Client Success Managers (CSMs).
• Collaborate with and track progress from all internal stakeholders, actively managing timelines to ensure responses are accurate and completed within established SLAs.
• Perform final quality assurance (QA) reviews on all completed questionnaires to ensure the document is cohesive, professional, and all questions are answered before client delivery.
• Partner with GRC leadership to develop, document, and refine standardized workflows, creating clear success metrics (e.g., reduced turnaround time).
• Act as the primary point of contact for the Sales and Client Success teams on all security-related inquiries, including escalations for new sales and upsell deals.
• Represent the cybersecurity team on calls with clients and prospects, acting as the expert to address security concerns and build trust.
• Develop, maintain, and promote a "Trust Center" (e.g., using Whistic) by centralizing existing "Go-To-Market Packet" and other documentation to proactively address common security questions.
• Manage the intake process for security reviews of non-standard client agreements, collaborating with Legal to formalize the review of data security and AI clauses.
• Support the Third-Party Risk Management (TPRM) program by helping to manage automated workflows that flag high-risk vendors for GRC review.
• Assist in communicating and enforcing the required Third-Party Security Addendum (TPSA) for new vendors.

• 5+ years of experience in GRC, risk management, or a security-focused client-facing role.
• Demonstrated experience in project management or process coordination
• Direct experience supporting a fast-paced sales or client success team as a security subject matter expert.
• Proven ability to manage and respond to client/prospect security questionnaires, RFPs, and security assessments.
• Strong understanding of GRC and compliance frameworks, especially HIPAA and SOC 2.
• Exceptional client-facing communication skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
• Comfortable holding cross-functional partners accountable to deadlines.

• Bachelor's degree in a related field.
• Experience using JIRA or similar service desk ticketing systems to manage and track workflows.
• Experience using GRC, TPRM, or security questionnaire platforms (e.g., Whistic, Vanta, OneTrust, Loopio, RFPio).
• Experience in the healthcare or health tech industry.
• Relevant certifications (CISM, CRISC, CISA, etc.).

• Capability to remain seated in a stationary position for prolonged periods.
• Eye-hand coordination and manual dexterity to operate keyboard, computer and other office-related equipment.
• Capability to work with leadership, employees, and members in an appropriate manner.

Pay:

The United States new hire base salary target ranges for this full-time position are:

Zone A: $108,890 - $141,560 + equity + benefits

Zone B: $119,779 - $155,716 + equity + benefits

Zone C: $130,668 - $169,872 + equity + benefits

Zone D: $141,557 - $184,028 + equity + benefits

This range reflects the minimum and maximum target for new hire salaries for candidates based on their respective Zone. Below is additional information on Included Health's commitment to maintaining transparent and equitable compensation practices across our distinct geographic zones.

Starting base salary for you will depend on several job-related factors, unique to each candidate, which may include education; training; skills; years and depth of experience; certifications and licensure; our needs; internal peer equity; organizational considerations; and understanding of geographic and market data. Compensation structures and ranges are tailored to each zone's unique market conditions to ensure that all employees receive fair and great compensation package based on their roles and locations. Your Recruiter can share your geographic zone upon inquiry.

Benefits & Perks:

In addition to receiving a great compensation package, the compensation package may include, depending on the role, the following and more:

Remote-first culture

401(k) savings plan through Fidelity

Comprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance)

Paid Time Off ("PTO") and Discretionary Time Off (“DTO")

12 weeks of 100% Paid Parental leave

Family Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies.

Work-From-Home reimbursement to support team collaboration home office work

Your recruiter will share more about the salary range and benefits package for your role during the hiring process.

About Included Health

Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. We’re on a mission to raise the standard of healthcare for everyone. We break down barriers to provide high-quality care for every person in every community — no matter where they are in their health journey or what type of care they need, from acute to chronic, behavioral to physical. We offer our members care guidance, advocacy, and access to personalized virtual and in-person care for everyday and urgent care, primary care, behavioral health, and specialty care. It’s all included. Learn more at includedhealth.com.

-----

Included Health is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Included Health considers all qualified applicants with arrest or conviction records in accordance with the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance, and California law.