Security GRC and Operations Lead

Company: Hippocratic AI
Location: Palo Alto
Posted on: January 30, 2025

Job Description:

About Us:Hippocratic AI has developed a safety-focused Large Language Model (LLM) for healthcare. The company believes that a safe LLM can dramatically improve healthcare accessibility and health outcomes in the world by bringing deep healthcare expertise to every human. No other technology has the potential to have this level of global impact on health.Why Join Our Team:

• Innovative Mission: We are developing a safe, healthcare-focused large language model (LLM) designed to revolutionize health outcomes on a global scale.
• Visionary Leadership: Hippocratic AI was co-founded by CEO Munjal Shah, alongside a group of physicians, hospital administrators, healthcare professionals, and artificial intelligence researchers from leading institutions, including El Camino Health, Johns Hopkins, Stanford, Microsoft, Google, and NVIDIA.
• Strategic Investors: We have raised a total of $278 million in funding, backed by top investors such as Andreessen Horowitz, General Catalyst, Kleiner Perkins, NVIDIA's NVentures, Premji Invest, SV Angel, and six health systems.
• World-Class Team: Our team is composed of leading experts in healthcare and artificial intelligence, ensuring our technology is safe, effective, and capable of delivering meaningful improvements to healthcare delivery and outcomes.For more information, visit .We value in-person teamwork and believe the best ideas happen together. Our team is expected to be in the office five days a week in Palo Alto, CA unless explicitly noted otherwise in the job descriptionAbout the role:As the Security GRC and Operations Lead at Hippocratic AI, you'll lead the charge to ensure security compliance across all our product offerings. Your role involves managing a comprehensive information security GRC program, navigating new and existing compliance standards, and building the security operations program to ensure proper oversight for monitoring and data compliance. You will be a member of the security team reporting to the CISO.Responsibilities:
  • Work with the CISO and other stakeholders to Identify, assess, and prioritize IT risks, advising stakeholders on appropriate courses of action to mitigate or eliminate risk. Serve as a trusted resource for healthcare-related risk and compliance inquiries.
  • Implement and maintain relevant legal and regulatory requirements, including SOC2, ISO, HITRUST, HIPAA Privacy & Security, HITRUST and other CMS regulations and guidelines updated by the Federal Government.
  • Be the leader and central point of contact for ongoing audits. Work across all departments including sales, engineering, devops and clinical teams.
  • Develop and optimize audit evidence collection and responses for Request for Proposals (RFPs)
  • Develop targeted training programs to educate staff on patient privacy, data security, and regulatory requirements and foster a culture of compliance and accountability across clinical and administrative teams.
  • Facilitate a metrics and reporting framework to measure program efficiency and effectiveness, ensuring appropriate resource allocation and increasing security maturity.
  • Prepare clear, actionable reports for leadership regarding compliance gaps and solutions. Assist in executive reporting, tabletop exercises and Build robust dashboarding and tooling to support the ongoing operational monitoring and detection capabilities.Qualifications & Skills
    • Education & Experience
      • Bachelor's degree with additional Certifications (e.g., CISM, CHPC, CRISC) preferred.
      • 5+ years in GRC, compliance, or audit, ideally within a healthcare, pharma or payor environment.
      • Technical & Professional Skills
        • Familiarity with healthcare regulations and frameworks (HIPAA, HITRUST).
        • Proven experience in risk assessments, auditing, and compliance reviews.
        • Strong analytical, problem-solving, and communication skills.
        • Soft Skills
          • Startup experience
          • Detail-oriented with high ethical standards.
          • Ability to collaborate effectively across clinical, administrative, and technical teams.
          • Organized and adaptable to shifting priorities in a fast-paced healthcare setting.Other Attributes:
            • High personal integrity, ability to handle confidential matters, and demonstrate judgment and maturity.
            • Initiative, dependability, and ability to work with minimal supervision.
              #J-18808-Ljbffr

Keywords: Hippocratic AI, Palo Alto , Security GRC and Operations Lead, Other , Palo Alto, California