Senior Governance & Risk Analyst

About Lantern

Lantern is the specialty care platform connecting people with the best care when they need it most. By curating a Network of Excellence comprised of the nation's top specialists for surgery, cancer care, infusions and more, Lantern delivers excellent care with significant cost savings to employers and their workforces. Lantern also pairs members with a dedicated care team, including Care Advocates and nurses, for the entirety of their care journey, helping them get back to good health, back to their families and back to work. With convenient access to specialists nationwide, Lantern means quality care is within driving distance for most. Lantern is trusted by the nation's largest employers to deliver care to more than 6 million members across the country. Learn more about us at lanterncare.com. 

About You:

• You use LOGIC in your decision making and understand that progress is critical to making change. You focus on the execution of your content while balancing a fast-paced environment and you take the time to celebrate both the small & big wins. 
• INCLUSION is a core tenant of your personal beliefs. A diverse and inclusive environment is incredibly important to you. You understand and desire to be a part of a diverse team with different experiences and perspectives & you cherish the differences in each individual that you interact with.
• You have the GRIT, drive and ambition to tackle big problems. Big problems require big ideas and a team that supports new ideas. 
• You care deeply for your customers are driven to keep HUMANITY in all decisions. Your customers aren’t just the individuals using your product. They are the driving factor in your motivation to make a change.
• Integrity guides you in life. Focusing on the TRUTH vs. giving people the answers they want to hear. 
• You thrive in a Team Environment. Collaboration is key in innovation and creating change.

These pillars of LIGHT are a reminder to our team that we are making a difference by providing guidance and support in navigating the often complex and confusing landscape of healthcare. We hope that through this LIGHT, individuals can find their way to the best care, resources, and support they need to get back to life. 

If this sounds like you, we would love to connect to speak further about career opportunities at Lantern.

Please apply to our role & someone from our Talent Acquisition Team will reach out to help you navigate our interview process.

Lantern Specialty Care is seeking a Senior Risk & Governance Analyst to join our GRC team as a key individual contributor. This is a newly created role, built to scale our risk and compliance capabilities as we expand our AI-forward healthcare technology platform. You will report directly to the Sr. GRC Manager and play a foundational role across four priority areas: maintaining our risk register, advancing AI risk governance, TPRM, and supporting our HIPAA compliance program.

This is a high-impact, cross-functional role. We are at a critical stage of maturing our GRC program. There is significant greenfield opportunity to build structure where gaps exist, particularly in risk management and AI governance. The ideal candidate is hands-on, comfortable with ambiguity, and excited to leave their fingerprints on programs that will shape the organization’s risk posture for years to come.

Location: Hybrid - at least 3 days/wk in our Dallas, TX office located at 2100 Ross Avenue, Suite 1900, Dallas, Texas 75201

Responsibilities: 

• Support the build-out of Lantern’s risk register by conducting risk identification workshops, defining risk taxonomy, assigning ownership, and establishing likelihood/impact scoring
• Map current control environment against the NIST CSF function; document gaps and develop a prioritized remediation roadmap
• Establish recurring risk review cadence with business unit owners
• Maintain and evolve the risk register as a living document; produce regular risk reporting for leadership
• AI governance framework aligned to the NIST AI RMF — covering model risk assessment, bias considerations, transparency standards, and accountability structures
• Build and maintain an AI systems inventory with risk ratings; assess new use cases before deployment in partnership with Engineering and Product
• Monitor emerging AI regulatory guidance (HHS, EU AI Act, state-level) and translate into actionable controls
• Manage ongoing HIPAA Privacy and Security compliance programs: gap assessments, remediation tracking, and workforce training coordination
• Support SOC 2 Type II, HITRUST CSF, and other applicable audit cycles
• Support TPRM activities including vendor risk assessments and vendor tiering maintenance

Requirements:

• Bachelor’s degree in Information Security, Healthcare Administration, Computer Science, or related field
• A minimum of 5 years’ experience in GRC, compliance, or information security
• A minimum of 3 years’ experience in healthcare or health-tech industries
• Direct & Hands-on experience with the following:
• Building or significantly maturing a risk register
• Performing or supporting HITRUST and/or SOC 2 audits
• HIPAA Privacy/Security Rule compliance programs
• NIST CSF or ISO 27001
• AI Specific Risk Management Frameworks such as NIST AI RMF or Similar frameworks

Certifications (Preferred)

• CISA, CRISC, CISSP, CHC, or CHPC highly desirable
• HITRUST CCSFP a strong plus

Technical Skills

• Proficiency with a GRC platform (Vanta, Drata, ServiceNow GRC, OneTrust, or equivalent)
• Working knowledge of AI/ML risk concepts and the NIST AI RMF
• Experience with third-party risk tools and structured vendor assessment workflows
• Ability to read, interpret, and operationalize regulatory guidance

 Strong Candidates Will:

• Be energized by building. This role has significant greenfield scope, and the best candidates will see that as an opportunity, not a gap
• Move with urgency and precision, flagging risk before it becomes an issue
• Balance rigor with pragmatism, enabling the organization to move fast while staying protected
• Communicate clearly to both technical and non-technical audiences without losing nuance
• Bring genuine curiosity about AI and emerging technology governance
• Embody Lantern’s LIGHT pillars — Logic, Inclusion, Grit, Humanity, Truth — in every interaction

Benefits

• Medical Insurance
• Dental Insurance
• Vision Insurance
• Short & Long Term Disability
• Life Insurance
• 401k with company match
• Flexible Time Off
• Paid Parental Leave

Lantern does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.