Senior GRC Analyst, HIPAA

9 hours, 5 minutes ago
Full-time
Senior
Cybersecurity
DoorDash

DoorDash empowers small business owners by providing an affordable and convenient platform for local delivery services, primarily focusing on restaurant food delivery.

Air Freight & Logistics
10K-50K
Founded 2012

Description

  • Lead and support HIPAA security compliance workstreams across multiple products, platforms, systems, and engineering teams.
  • Translate legal and regulatory requirements into actionable technical and operational control requirements.
  • Perform HIPAA readiness assessments, gap analyses, risk assessments, and control design and effectiveness reviews across cloud, SaaS, data, and internal tooling environments.
  • Build and maintain control mappings across HIPAA, HITRUST, SOC 2, ISO 27001, NIST 800-53, and DoorDash security standards.
  • Partner with Engineering and Security Engineering to implement controls for IAM, encryption, logging and monitoring, vulnerability management, secure SDLC, incident response, data retention, and access reviews.
  • Maintain HIPAA program documentation, including policies, standards, procedures, control narratives, evidence requirements, risk registers, exception records, and remediation plans.
  • Support internal and external audits, customer assessments, security questionnaires, and compliance evidence collection.
  • Partner with Legal and Security Operations on incidents involving PHI/ePHI, including compliance impact analysis, documentation, and remediation tracking.
  • Improve GRC tooling, workflows, dashboards, and continuous control monitoring to reduce manual compliance overhead.
  • Provide practical guidance to technical and non-technical stakeholders and monitor regulatory and industry changes related to HIPAA and related frameworks.

Requirements

  • 6+ years of experience in security compliance, GRC, risk management, audit, privacy/security operations, or related information security roles.
  • 3+ years of hands-on experience implementing, operating, or materially maturing HIPAA programs in a technology, SaaS, health-tech, or highly regulated environment.
  • Strong working knowledge of HIPAA Security Rule requirements and practical experience applying HIPAA safeguards to cloud, SaaS, data, and engineering environments.
  • Understanding of PHI/ePHI data flows and experience partnering with engineering teams on data classification, access controls, encryption, logging, retention, and secure data handling.
  • Experience with adjacent frameworks and standards such as HITRUST, SOC 2, ISO 27001, NIST 800-53, PCI DSS, GDPR, or CCPA.
  • Experience supporting audits, compliance assessments, control testing, evidence collection, risk assessments, and remediation programs.
  • Ability to translate complex compliance requirements into clear, actionable tasks for Engineering, Product, Security, IT, Legal, and Privacy stakeholders.
  • Technical fluency with cloud architecture, APIs, IAM, CI/CD, infrastructure-as-code, logging, vulnerability management, and security monitoring concepts.
  • Strong communication, documentation, and project management skills with the ability to drive cross-functional progress independently.
  • Preferred: experience working directly with Engineering or Security Engineering teams in a high-growth technology company, scaling a HIPAA program, earning HITRUST/SOC 2/ISO 27001 certification, handling third-party risk and vendor reviews, or supporting privacy/security incident response and breach assessments.
  • Preferred: familiarity or interest in AI, data platforms, healthcare interoperability, payments, or marketplace environments, and ideally experience building something with AI.

Benefits

  • Base salary range of $132,600 to $195,000 USD.
  • Opportunities for equity grants.
  • 401(k) plan with employer matching.
  • 16 weeks of paid parental leave.
  • Medical, dental, and vision benefits.
  • 11 paid holidays, paid time off, and paid sick leave.
  • Wellness benefits, including wellness expense reimbursement and a mental health program.
  • Commuter benefits match, disability and basic life insurance, and family-forming assistance.
