New The Skills of Tomorrow: how AI-exposed is every skill in 2026? See the data →
Headway

Senior Governance, Risk, Compliance (GRC) Analyst

Headway
Apply →
remote senior full-time $161,600 to $202,000 New York, New York, United States; San Francisco, California, United States; Seattle, Washington, United States

First indexed 15 May 2026

Description

We're seeking a Senior Governance, Risk, Compliance (GRC) Analyst to join our Security team. As a key member of our GRC team, you will support the development and implementation of our security and compliance program. Your responsibilities will include:

Supporting HITRUST, SOC 2, PCI-DSS, and HIPAA audit readiness by collecting evidence, coordinating with assessors, tracking control gaps and remediation timelines.

Building and managing the vendor security assessment lifecycle, including questionnaires, SOC 2/ISO reviews, risk scoring, and policy enforcement across procurement and renewals.

Standing up and running Headway's security awareness training program, including onboarding modules, phishing simulations, annual compliance training, and completion tracking.

Operating the centralized risk register, identifying, assessing, and tracking technical security risks through mitigation, and surfacing risk-informed priorities to engineering and security leadership.

Partnering cross-functionally with Privacy, Legal, IT, and Engineering to embed compliance into how Headway operates.

You will be a great fit for this role if you have 5+ years of experience in a GRC, compliance, or security risk role, and have working knowledge of at least two of: HITRUST, SOC 2, PCI-DSS, or HIPAA. You should also have experience using a GRC platform like Vanta, Drata, OneTrust, or similar to automate evidence collection or manage controls.

Our mission is to fix the mental healthcare system by making therapy accessible to everyone. We're committed to creating a team that reflects the diversity of this problem, and we're looking for someone who shares our passion for making a difference.

In addition to your base salary, this role may be eligible for an equity grant, depending on the position and level. We offer a comprehensive and competitive total rewards package, including robust health and wellness benefits, retirement savings, and meaningful ownership opportunities through equity.

Benefits offered include:

Equity compensation Medical, Dental, and Vision coverage HSA / FSA 401K Work-from-Home Stipend Therapy Reimbursement 16-week parental leave for eligible employees Carrot Fertility annual reimbursement and membership 13 paid holidays each year as well as a Holiday Break during the week between December 25th and December 31st Flexible PTO Employee Assistance Program (EAP) Training and professional development

This listing is enriched and indexed by YubHub. To apply, use the employer's original posting: https://job-boards.greenhouse.io/headway/jobs/5995843004