Senior Cybersecurity Analyst

📋 Description

• • Rad AI is at the forefront of revolutionizing healthcare through artificial intelligence, with a specific focus on transforming radiology. Our mission is to empower physicians with cutting-edge AI solutions that save time, alleviate burnout, and significantly improve patient care. We have amassed one of the world's largest proprietary datasets for radiology reports, enabling our AI to identify hundreds of new cancer diagnoses and reduce error rates in millions of reports by nearly 50%. This impactful work is supported by over $140M in funding, including a recent $68M Series C round led by Transformation Capital, valuing the company at $528M. Our esteemed investors include Khosla Ventures, World Innovation Lab, Gradient Ventures, and Cone Health Ventures, all aligned with our vision.
• • As a Senior Cybersecurity Analyst at Rad AI, you will be instrumental in safeguarding our organization, spearheading compliance initiatives, meticulously managing risks, and acting as a crucial liaison between our company, customers, and internal stakeholders. This role transcends purely technical responsibilities, requiring a balanced expertise in audit processes, security best practices, project management discipline, and exceptional communication skills. You will report directly to the Director of IT & Cybersecurity, contributing to the strategic security posture of a rapidly growing, innovative company.
• • Your core responsibilities will encompass managing the entire lifecycle of SOC 2 Type II audit cycles. This includes the initial scoping, diligent evidence collection, and coordination with auditors and internal teams to ensure a successful outcome. You will serve as the primary point of contact throughout these critical audit processes.
• • You will also be responsible for coordinating comprehensive HIPAA compliance assessments. This involves conducting thorough risk analyses, reviewing and updating security policies and procedures, and managing Business Associate Agreements (BAAs) to ensure adherence to healthcare data regulations.
• • A key aspect of this role involves performing structured gap analyses against recognized security and compliance frameworks such as SOC 2, HIPAA, ISO 42001, and NIST CSF. The insights gained from these analyses will be used to identify control deficiencies and to develop prioritized roadmaps for remediation, ensuring continuous improvement of our security controls.
• • You will actively track the progress of risk mitigation and remediation plans, ensuring that all stakeholders are accountable and that measurable progress is being made towards accepted risk thresholds. This proactive approach to risk management is vital for maintaining a robust security posture.
• • A significant part of your engagement will be responding to enterprise customer security questionnaires. You will act as the primary point of contact for these inquiries, engaging directly with customers and prospects to address their security concerns and build trust.
• • To effectively address technical assessment questions, you will need to demonstrate a strong understanding of our system and data architecture. This includes cloud infrastructure, data flows, and access controls, enabling you to provide accurate and confident responses.
• • You will contribute to the development and maintenance of a reusable security response library. This resource, including a trust portal, standardized questionnaire answers, and architectural diagrams, will significantly accelerate future customer engagements and streamline our security communication efforts.
• • You will serve as a dedicated security partner to various departments, including Engineering, Product, Legal, Sales, and Customer Success. Your role will involve translating complex security and compliance requirements into clear, actionable guidance tailored for non-security audiences, fostering a security-aware culture across the organization.
• • You will actively participate in architecture and design reviews for new systems and features. This ensures that security and compliance requirements are integrated from the outset, preventing potential vulnerabilities before deployment.
• • Maintaining an up-to-date understanding of artificial intelligence and automation technologies is crucial. You will need to grasp their specific security and compliance implications within Rad AI's innovative platforms.
• • Furthermore, you will leverage AI-assisted tools to enhance the efficiency of our security operations. This includes utilizing AI for threat analysis, automated evidence collection, and optimizing other critical cybersecurity workflows, demonstrating Rad AI's commitment to innovation in security practices.
• • By joining Rad AI, you will be part of a world-class team dedicated to building and deploying AI solutions that empower physicians and transform patient care, making a tangible impact on millions of lives. Our culture is driven by transparency, inclusion, and close collaboration, bringing together exceptional individuals to revolutionize healthcare. If you are passionate about driving innovation and delivering impactful healthcare solutions, we encourage you to apply.