Governance, Risk, and Compliance Officer – Part-Time

🕒 April 3


Freed

1 - 10 employees

⚕️ Healthcare Insurance

🤖 Artificial Intelligence

☁️ SaaS


Freed is an AI-driven medical scribe service aimed at enhancing clinician efficiency by listening, transcribing, and writing SOAP notes for healthcare professionals. Its platform is designed to save time for clinicians by accurately capturing patient interactions and generating notes in seconds, tailored to individual styles. Freed is fully compliant with HIPAA regulations, ensuring data security for its users. With a focus on improving clinician satisfaction and reducing documentation burdens, Freed improves the quality of interactions between healthcare providers and patients, enabling clinicians to spend more quality time with their patients and reclaim their personal time.

📋 Description

• Own SOC 2 and HIPAA programs end-to-end
• Manage auditor relationships and streamline evidence collection
• Maintain continuous audit readiness via Drata
• Improve audit efficiency
• Own vendor compliance intake (BAAs, DPAs, security reviews)
• Build and maintain a centralized vendor registry with PHI exposure mapping
• Establish fast, repeatable onboarding processes
• Partner with Engineering on vendor security assessments
• Audit and remediate ~30 existing policies with outdated ownership structures
• Replace “phantom roles” (e.g., Security Officer) with real owners
• Establish a meaningful policy review cadence
• Draft new policies (data retention, vendor management, access controls)
• Own and operate Drata (controls, evidence, personnel tasks)
• Manage Trust Center accuracy and external posture
• Handle customer security questionnaires
• Support Sales with compliance documentation for enterprise deals
• Document PHI data flows and system boundaries
• Support incident response from a compliance perspective
• Stay current on HIPAA and regulatory developments

🎯 Requirements

• 5+ years in GRC, security compliance, or related roles (startup experience strongly preferred)
• Deep experience with SOC 2 and HIPAA (hands-on ownership, not advisory)
• Strong familiarity with vendor risk management, BAAs, DPAs, and audits
• Experience with tools like Drata or similar compliance platforms
• Ability to operate independently in a fractional, high-ownership role
• Strong judgment - able to make pragmatic tradeoffs, not over-engineer

🏖️ Benefits

• Competitive salary and equity in a high-growth company
• Opportunity to make an immediate impact
• Medical, dental, and vision coverage
• Unlimited paid time off
• Company-sponsored annual retreats
• 401(k) plan to support your long-term financial goals
• Commuter stipend for San Francisco-based employees
