Rally Health™ is all about putting health in the hands of the individual. It’s our mission, and it drives everything we do, which is to empower people with easy-to-use online and mobile tools that help them take charge of their health and health care, from improving their diet and fitness to selecting health benefits, and choosing the right doctor at the right price for their needs.
Our culture is built on a deep and sincere dedication to helping people live healthier lives. To do this, we are committed to innovating continuously at every level. We know that some of the things we do are not going to work, and that’s okay. We’re not trying to build something that is churn and burn. We’re building something that supports people over their lifetime. Every day, we get to work with amazing people on something that directly impacts the lives of millions of people for the better.
At Rally Health, we believe that two heads truly are better than one. Rallyers understand the importance of communication and collaboration, ensuring that we work we produce is the best that it can be. Every opinion is valid and valued, and we share ideas that elevate the way we work. We know that the big picture and the small details are tied together, and we keep both in mind. Everything we do is executed with our users in mind, so we make sure that all of our work has a human touch. Here at Rally, we take advantage of the opportunity to build strong relationships with each other, because it makes us better.
About the Team: The Cyber-Security Compliance team is organized under Rally Health’s Security Office and encompasses activities and responsibilities of governance, risk management, and compliance. As a contributor and member of the Cyber-Security Compliance team, we interact and partner with various different business functions and departments across Rally (including Security, IT, HR, Facilities, Ops, Engineering, Data, and Product) ensuring documentation and processes are in line with formal framework requirements and best practices. Cyber-Security and Compliance gives Rally Health a competitive edge. In order to pass an audit, we have to demonstrate that we have clear, documented, repeatable processes for the work that we do -- and those are the very things that help us scale our operations.
Your day to day:
- The intern role will assist with:
- Scheduling meetings and interviews with Rally Health security process owners
- Coordinating with Subject Matter Experts to gather audit documents
- Maintaining internal trackers and documentation and providing timely status updates and reports to the Senior Compliance Analysts
- Performing evaluations of internal controls, communications, risk assessments and maintenance of documentation, as it relates to SOC 2 Type 2, HITRUST, HIPAA and NIST
- Identifying and evaluating deficiencies while working with internal departments/ business units to appropriately remediate them
- The Cyber-Security Compliance Intern will report to a Senior Cyber-Security Compliance Analyst and will be responsible for assisting with the conduction of Rally’s ongoing audit and compliance certifications, assessing security risks, evaluating internal processes, identifying deficiencies and developing appropriate remediation plans, preparing written documentation and reports, and more
- The intern will get exposure to several different functions of the company: HR, IT, Security, Engineering, Operations, Product, Data, and Facilities
Your core responsibilities:
- Assist and support the team with our annual SOC 2 audit that takes place every summer
- Working with internal business partners on tracking, reporting, and developing remediation plans
- Contribute to the ongoing testing and monitoring of Rally’s internal business processes to ensure requirements of various standards and regulations are met
- Assessing and mitigating potential security risks and threats
- Assisting with appropriate communications and security awareness requirements
- Pursuing a BS or Masters in Business Administration, Information Systems, or Security
- Be self-starters and demonstrate desire to learn new concepts and build new skills
- Have interest to work cross functionally throughout different business processes within an organization
- Have effective organization and time management skills with ability to work under pressure and adhere to project deadlines and deliverables
- Have excellent analytical, communication (written and verbal), project management, and interpersonal skills
- Have strong technical aptitude and problem-solving skills
- Nice to have a high-level/basic understanding of the following:
- AWS and Security in the cloud
- Change Control Management
- Secure system development lifecycle (Secure SDLC)
- Risk Management
- Vulnerability Management
- Asset Management
- Identity and Access Management
- Production versus Corporate Infrastructure
Why join Rally? On top of an innovative work atmosphere and a chance to help people change their lives, we offer competitive pay, daily catered lunches, and an extensive benefits package for all full-time employees (including medical, dental, vision and 401(k)). In addition, offer the ability to grow, while truly making an impact in the healthcare system.
Rally knows that we are strongest when our employee population reflects the diversity of the world around us, and we are a place where all voices are valued. A diverse workforce will enrich us with the talent, energy, perspective and inspiration we need to achieve our mission. Rally Health believes in a policy of equal employment and opportunity for all people. It is our policy to recruit, hire, train, and promote individuals in all job titles, and administer all programs, without regard to race, color, religion, national origin or ancestry, citizenship, sex, age, marital status, pregnancy, childbirth or related medical conditions, personal appearance, sexual orientation, gender identity or expression, family responsibilities, genetic information, disability, matriculation, political affiliation, veteran status, union affiliation, or any other category protected by applicable federal, state or local laws.
Individuals with disabilities and veterans are encouraged to apply. Applicants who require an accommodation related to the application and/or review process should notify Talent Acquisition (email@example.com).
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.