Job Description:
• Lead and support HIPAA security compliance workstreams across products, platforms, systems, and engineering teams.
• Turn legal requirements into actionable technical and operational control requirements.
• Perform HIPAA readiness assessments, gap analyses, risk assessments, and control design/effectiveness reviews.
• Build and maintain control mappings across HIPAA, HITRUST, SOC 2, ISO 27001, NIST 800-53, and DoorDash security standards.
• Partner with Engineering and Security Engineering to implement scalable controls.
• Maintain HIPAA security program documentation including policies, standards, and procedures.
• Support internal and external audits and compliance evidence collection.
• Partner with Legal and Security Operations on incidents involving PHI/ePHI.
• Mature GRC tooling and continuous control monitoring
• Provide practical guidance to stakeholders regarding HIPAA requirements.
• Monitor regulatory changes related to HIPAA and healthcare security.
Requirements:
• 6+ years of experience in security compliance, GRC, risk management, audit, privacy/security operations, or related information security roles.
• 3+ years of hands-on experience implementing, operating, or materially maturing HIPAA programs in a technology, SaaS, health-tech, or highly regulated environment.
• Strong working knowledge of HIPAA Security Rule requirements.
• Practical experience applying HIPAA safeguards to cloud, SaaS, data, and engineering environments.
• Experience with adjacent frameworks and standards such as HITRUST, SOC 2, ISO 27001, NIST 800-53, PCI DSS, GDPR or CCPA.
• Experience supporting audits, compliance assessments, control testing, evidence collection, risk assessments, and remediation programs.
• Ability to translate complex compliance requirements into clear, actionable tasks.
• Technical fluency to understand cloud architecture, APIs, IAM, CI/CD, infrastructure-as-code, logging, vulnerability management, and security monitoring concepts.
• Strong communication and documentation skills.
Benefits:
• 401(k) plan with employer matching
• 16 weeks of paid parental leave
• Wellness benefits
• Commuter benefits match
• Paid time off
• Paid sick leave
• Medical benefits
• Dental benefits
• Vision benefits
• 11 paid holidays
• Disability insurance
• Basic life insurance
• Family-forming assistance
• Mental health program