
11 - 50 employees
👥 HR Tech
💸 Finance
🧘 Wellness
💰 $12M Series A on 2021-09
HR Tech • Finance • Wellness
Benepass is a flexible benefits platform designed for people-first companies, offering a range of personalized and adaptable employee benefits solutions. With a focus on meeting the diverse needs of today’s global workforce, Benepass allows companies to provide customized benefits packages that include health savings accounts, flexible spending accounts, wellness programs, professional development, and more. The platform emphasizes ease of use with features like card-first technology, automated enrollment, and real-time engagement metrics. Benepass supports companies in designing competitive benefits programs that enhance employee satisfaction and retention while staying aligned with corporate DEI and wellness values.
🕒 May 20
Improve your chances of getting an interview by checking your resume score before you apply.

11 - 50 employees
👥 HR Tech
💸 Finance
🧘 Wellness
💰 $12M Series A on 2021-09
HR Tech • Finance • Wellness
Benepass is a flexible benefits platform designed for people-first companies, offering a range of personalized and adaptable employee benefits solutions. With a focus on meeting the diverse needs of today’s global workforce, Benepass allows companies to provide customized benefits packages that include health savings accounts, flexible spending accounts, wellness programs, professional development, and more. The platform emphasizes ease of use with features like card-first technology, automated enrollment, and real-time engagement metrics. Benepass supports companies in designing competitive benefits programs that enhance employee satisfaction and retention while staying aligned with corporate DEI and wellness values.
• Maintain and improve information security policies, standards, procedures, control documentation, and related governance materials. • Help map policies and controls to frameworks such as SOC 2, ISO 27001/27002, HITRUST, NIST CSF 2.0, and other customer, regulatory, or security requirements. • Support policy exceptions, risk acceptances, remediation tracking, control owner follow-ups, and recurring governance workflows. • Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, evidence collection, auditor coordination, and audit response management. • Maintain recurring evidence-gathering and control testing workflows, helping ensure controls operate consistently across the business. • Track audit findings, control gaps, remediation plans, owners, due dates, and closure evidence. • Support risk assessments, control gap assessments, internal reviews, and maintenance of the risk register. • Translate technical and security risks into clear business language, including mitigations, ownership, timelines, and residual risk. • Own or support customer security questionnaires, RFP security sections, due diligence requests, and trust or compliance documentation. • Maintain reusable questionnaire content, approved responses, compliance artifacts, and customer-facing assurance materials. • Support employee security awareness programs and create clear internal guidance for policies, controls, and compliance responsibilities. • Support vendor security reviews, third-party risk assessments, remediation tracking, risk acceptance documentation, and vendor compliance evidence. • Use GRC platforms such as Vanta, Drata, Thoropass, Secureframe, or similar tools to improve evidence collection, control monitoring, task tracking, reporting, and repeatable compliance operations.
• 5+ years of experience in GRC, information security compliance, IT audit, risk management, security assurance, or a closely related field. • Hands-on experience supporting SOC 2 audits and readiness activities. • Working knowledge of ISO 27001/27002, HITRUST, NIST CSF, or similar security and compliance frameworks. • Experience maintaining security policies, controls, control narratives, evidence repositories, and audit documentation. • Experience supporting internal or external audits, including evidence collection, auditor coordination, control owner follow-up, and remediation tracking. • Strong written communication skills, with the ability to produce clear policies, questionnaire responses, process documentation, and stakeholder updates. • Excellent attention to detail and project management discipline. • Experience responding to customer security questionnaires, RFP security sections, or due diligence requests. • Familiarity with GRC, compliance automation, or audit management tools. • Experience in SaaS, fintech, benefits, healthcare, or other regulated environments. • Comfort working in a startup or fast-moving environment where processes need to be mature enough to scale without creating unnecessary friction. • Ability to work with both technical and non-technical teams and communicate security and compliance expectations clearly.
• 95% coverage of medical, dental, and vision • $250 WFH setup (one time) • $500/year Learning & Development Benefit • $150/month cell phone + internet • $100/month Wellness • $100/month Co-working and Commuter Benefit • Flexible PTO
Apply Now🕒 May 20
Manager of GRC Subject Matter Experts leading framework lifecycle at Vanta. Overseeing team of experts responsible for compliance frameworks and ensuring product alignment with security standards.
🇺🇸 United States – Remote
💵 $230k - $311k / year
💰 $40M Series B on 2022-10
⏰ Full Time
🟠 Senior
🔴 Lead
🚔 Compliance
🦅 H1B Visa Sponsor
🕒 May 20
11 - 50
GRC Specialist working remotely to support client governance, risk management, and CMMC compliance. Focused on scoping, documentation, and client interactions for compliance standards.
🇺🇸 United States – Remote
💵 $70k - $95k / year
⏰ Full Time
🟡 Mid-level
🟠 Senior
🚔 Compliance
🦅 H1B Visa Sponsor
🕒 May 19
Lead Compliance Corrections team addressing Medicaid, Medicare, and Commercial regulation compliance. Oversee remediation activities and mentor team members in healthcare compliance solutions.
🕒 May 19
Corporate Ethics & Compliance Investigator responsible for managing sensitive internal investigations across various locations. Requires strong experience in compliance and risk mitigation within the healthcare sector.
🕒 May 19
Regulatory Data Technical Advisor in biotechnology and biopharmaceuticals at BryceTech. Focus on data quality and compliance in support of BARDA's nonclinical research initiatives.