This job has expired
This position was posted on March 28, 2026 and is likely no longer accepting applications. We've kept it here for historical reference.

Job Overview
Location: US Remote
Job Type: Full-time
Category: Cybersecurity
Date Posted: March 28, 2026
Full Job Description
📋 Description
- As a Security Compliance Analyst, GRC at Hims & Hers Health, Inc., you will play a critical role in safeguarding the company’s mission to deliver accessible, personalized healthcare by ensuring that all systems, processes, and AI-driven innovations meet rigorous security, privacy, and regulatory standards. Your work directly enables the company to scale securely in a highly regulated industry while maintaining trust with customers, partners, and regulators.
- You will partner across Security, Engineering, Legal, Privacy, Finance, and AI/ML teams to operationalize governance, risk, and compliance (GRC) initiatives, translating complex regulatory requirements into actionable controls and processes that support business agility without compromising safety or compliance.
- Day to day, you will: support and maintain security and compliance programs aligned with NIST, ISO, PCI DSS, and HIPAA frameworks; assist in maintaining alignment with global privacy regulations including GDPR and CCPA; contribute to the development, implementation, and maintenance of security, privacy, and AI governance policies and procedures; coordinate and support internal and external audits such as SOX, PCI DSS, SOC 2, ISO, and HIPAA; track and manage remediation efforts for identified risks, control gaps, and audit findings; support third-party risk management processes, including vendor assessments for AI/ML and data processing providers; collaborate with engineering, data, and AI/ML teams to ensure secure and compliant system and model lifecycle practices; maintain and improve GRC tooling such as AuditBoard, Vanta, or similar platforms; monitor regulatory and framework changes, including emerging AI governance requirements; develop and maintain risk registers, control matrices, and compliance documentation; conduct risk assessments covering technology, security, privacy, and AI/ML model risks; assist with security, privacy, and responsible AI awareness and training initiatives; and provide regular reporting and metrics on risk posture, compliance status, and AI governance maturity.
- You will join a mission-driven, fast-paced healthcare technology company that is publicly traded on the NYSE (HIMS) and committed to redefining healthcare through innovation, accessibility, and personalization. Hims & Hers fosters a talent-first, flexible, and remote-friendly culture that values diversity, ethics, wellness, and belonging, with a strong emphasis on responsible innovation in AI and data-driven health solutions.
- In this role, you will deepen your expertise in healthcare-specific compliance, AI governance, and cross-functional GRC operations while gaining hands-on experience with cutting-edge tools and frameworks. You will have the opportunity to influence the maturation of a scalable GRC program in a high-growth environment, build credibility as a trusted advisor on security and AI risk, and advance your career in a company that prioritizes ethical innovation and employee growth.
🎯 Requirements
- Bachelor’s degree in Cybersecurity, Information Security, Information Technology/Systems, or a related field
- 3–5 years of experience in GRC, security compliance, risk management, audit, or a related field
- Experience supporting audits and compliance assessments (e.g., SOX, PCI DSS, SOC 2, ISO, HIPAA)
- Familiarity with core frameworks: NIST CSF, PCI DSS, HIPAA, ISO 27001/27002, and global privacy regulations (GDPR, CCPA)
- Working knowledge of GRC tools (AuditBoard, Vanta, Drata, Archer, ServiceNow GRC, or similar) and ticketing/workflow/documentation tools (Jira, Freshservice, Confluence, GitHub, etc.)
- Ability to communicate security, privacy, and AI risk concepts to both technical and non-technical stakeholders
🏖️ Benefits
- Competitive salary & equity compensation for full-time roles
- Unlimited PTO, company holidays, and quarterly mental health days
- Comprehensive health benefits including medical, dental & vision, and parental leave
- Employee Stock Purchase Program (ESPP)
- 401k benefits with employer matching contribution
- Offsite team retreats
About Hims & Hers Health, Inc.
Hims & Hers Health is a telehealth platform providing online consultations, prescription medications and over-the-counter wellness products for conditions such as hair loss, erectile dysfunction, anxiety, depression, skin care, and sexual health. Operating in the United States and select international markets, the company connects patients with licensed physicians and pharmacies, delivering treatments through subscription plans and direct-to-consumer shipping, while emphasizing privacy, affordability and accessibility.