About Us:
Hippocratic AI is developing the first safety-focused Large Language Model (LLM) for healthcare. Our mission is to dramatically improve healthcare accessibility and outcomes by bringing deep healthcare expertise to every person. No other technology has the potential for this level of global impact on health.
Why Join Our Team:
Innovative mission: We are creating a safe, healthcare-focused LLM that can transform health outcomes on a global scale.
Visionary leadership: Hippocratic AI was co-founded by CEO Munjal Shah alongside physicians, hospital administrators, healthcare professionals, and AI researchers from top institutions including El Camino Health, Johns Hopkins, Washington University in St. Louis, Stanford, Google, Meta, Microsoft and NVIDIA.
Strategic investors: Raised $137 million from top investors including General Catalyst, Andreessen Horowitz, Premji Invest, SV Angel, NVentures (Nvidia Venture Capital), and Greycroft.
Team and expertise: We are working with top experts in healthcare and artificial intelligence to ensure the safety and efficacy of our technology.
For more information, visit www.HippocraticAI.com.
We value in-person teamwork and believe the best ideas happen together. Our team is expected to be in the office five days a week in Palo Alto, CA unless explicitly noted otherwise in the job description.
About the role:
As the Security GRC and Operations Lead at Hippocratic AI, you'll lead the charge to ensure security compliance across all our product offerings. Your role involves managing a comprehensive information security GRC program, navigating new and existing compliance standards, and building the security operations program to ensure proper oversight for monitoring and data compliance. You will be a member of the security team reporting to the CISO.
Responsibilities:
Work with the CISO and other stakeholders to identify, assess, and prioritize IT risks, advising stakeholders on appropriate courses of action to mitigate or eliminate risk. Serve as a trusted resource for healthcare-related risk and compliance inquiries.
Implement and maintain relevant legal and regulatory requirements, including SOC2, ISO, HITRUST, HIPAA Privacy & Security, and other CMS regulations and guidelines updated by the Federal Government.
Be the leader and central point of contact for ongoing audits. Work across all departments including sales, engineering, devops and clinical teams.
Develop and optimize audit evidence collection and responses for Requests for Proposals (RFPs).
Develop targeted training programs to educate staff on patient privacy, data security, and regulatory requirements and foster a culture of compliance and accountability across clinical and administrative teams.
Facilitate a metrics and reporting framework to measure program efficiency and effectiveness, ensuring appropriate resource allocation and increasing security maturity.
Prepare clear, actionable reports for leadership regarding compliance gaps and solutions. Assist in executive reporting and tabletop exercises, and build robust dashboarding and tooling to support ongoing operational monitoring and detection capabilities.
Qualifications & Skills
Education & Experience
Bachelor’s degree with additional certifications (e.g., CISM, CHPC, CRISC) preferred.
5+ years in GRC, compliance, or audit, ideally within a healthcare, pharma or payor environment.
Technical & Professional Skills
Familiarity with healthcare regulations and frameworks (HIPAA, HITRUST).
Proven experience in risk assessments, auditing, and compliance reviews.
Strong analytical, problem-solving, and communication skills.
Soft Skills
Startup experience
Detail-oriented with high ethical standards.
Ability to collaborate effectively across clinical, administrative, and technical teams.
Organized and adaptable to shifting priorities in a fast-paced healthcare setting.
Other Attributes:
High personal integrity, ability to handle confidential matters, and demonstrate judgment and maturity.
Initiative, dependability, and ability to work with minimal supervision.
At Hippocratic AI, we’re on a mission to revolutionize healthcare with our groundbreaking safety-focused Large Language Model (LLM). As the Security GRC and Operations Lead in Palo Alto, you’ll play a key role in this innovative endeavor by ensuring security compliance across all our offerings. You’ll be at the forefront of managing our comprehensive information security GRC program while navigating various compliance standards. You'll collaborate closely with our CISO and stakeholders to identify, assess, and prioritize IT risks, providing valuable insights to mitigate those risks effectively. Part of your exciting new role will involve implementing essential regulatory requirements within healthcare, encompassing SOC2, ISO, and HIPAA, ensuring our technology aligns with industry standards. You’ll lead the charge during ongoing audits, working closely with sales, engineering, and clinical teams to gather evidence and prepare responses for RFPs. Your ability to educate our staff on patient privacy and data security establishes a culture of compliance and accountability. With your strong analytical skills, you’ll develop metrics to measure program effectiveness and produce actionable reports for our leadership team. If you’re looking to make an impactful difference in healthcare alongside a talented team of experts, Hippocratic AI is the place to be!
Hippocratic AI is building a safety-focused large language model (LLM) for the healthcare industry. We believe that generative AI has the potential to massively increase healthcare access the world over but has to be built and tested responsibly. ...