[Remote] U.S. Healthcare Compliance Lead (Tech/AI)

Note: The job is a remote job and is open to candidates in USA. PolyAI is a company that automates customer service through lifelike voice assistants. They are seeking a Compliance Lead with deep expertise in US healthcare regulations to design, implement, and maintain compliance programs that support innovation while mitigating risk. Responsibilities • Own and manage compliance programs related to HIPAA, HITRUST and other US-focused Compliance requirements • Lead risk assessments, gap analyses, and readiness reviews. • Serve as the internal expert on federal and state healthcare privacy and security laws. • Oversee annual audits and certification efforts such as HITRUST, SOC 2 Type 2, ISO 27001. • Work cross-functionally with security, engineering, and product teams to ensure audit readiness. • Draft, update, and enforce internal compliance and data privacy policies. • Develop and maintain documentation of compliance processes and controls. • Lead training programs across the organization to promote a culture of compliance in topic-specific areas. • Stay ahead of evolving regulations and advise stakeholders on regulatory impact. • Identify, track, and remediate compliance risks. • Collaborate with Legal, Security and Product teams to design and implement controls that protect PHI and other sensitive data. • Act as a point of contact for external auditors and client representatives. • Support enterprise customers with compliance-related due diligence, RFPs, and security questionnaires. Skills • 3+ years of experience in a compliance, risk, or security role in the US healthcare or health tech industry. Familiarity with the European healthcare landscape is a plus. • Deep knowledge of HIPAA, HITRUST, and one or more of ISO 27001 or SOC 2 Type 2 frameworks. • Proven experience leading external audits and compliance certifications. • Experience working in a SaaS, AI, or healthtech environment. • Strong understanding of data governance, privacy laws (e.g., CCPA, GDPR, DTAC), and third-party risk management. • Certifications such as CIPP/US, CIPP/E, CHC, CHPC, CISSP, CISA, or similar. • Experience building compliance programs from the ground up in a startup or high-growth tech environment. • Familiarity with AI/ML governance, ethical AI, or data ethics in healthcare. • Using a Compliance management platform such as Vanta Benefits • Participation in the company’s employee share options plan • 100% of Single Cost (employee) and 70% of Dependent for medical, dental & vision • Life Insurance • STD and LTD • The opportunity to contribute to the company's 401k plan • Flexible PTO policy + 11 designated company holidays • Annual learning and development allowance • We’re all about making WFH work for you - that’s why you’ll receive a one-off WFH allowance when you join. Offering perks like noise-cancelling headphones or a comfortable desk chair to boost your comfort and focus! • Enhanced parental leave • Company-funded fertility and family-forming programmes • Menopause care programme with Maven Company Overview • PolyAI develops a machine learning platform for conversational artificial intelligence. It was founded in 2017, and is headquartered in London, England, GBR, with a workforce of 201-500 employees. Its website is Apply tot his job