^{PolyAI automates customer service through lifelike voice assistants that let customers lead a conversation. Our voice assistants make it possible for businesses to deliver outstanding customer service that rivals their human agents. Our customers, which include the world’s leading logos, are expanding how they use our platform, driving automation of critical customer service operations and integrating PolyAI into their daily customer service workflows.} 

^{We are seeking a Compliance Lead with deep expertise in US healthcare regulations, specifically HIPAA and HITRUST. You’ll be the company’s subject matter expert in regulatory compliance, responsible for designing, implementing, and maintaining scalable compliance programs that support innovation while mitigating risk.}

^{Key Responsibilities:}

• ^{Regulatory Compliance}
  
  
• ^{Own and manage compliance programs related to HIPAA, HITRUST and other US-focused Compliance requirements}
• ^{Lead risk assessments, gap analyses, and readiness reviews.}
• ^{Serve as the internal expert on federal and state healthcare privacy and security laws.}
  
  
• ^{Audit and Certification}
  
  
• ^{Oversee annual audits and certification efforts such as  HITRUST, SOC 2 Type 2, ISO 27001.}
• ^{Work cross-functionally with security, engineering, and product teams to ensure audit readiness.}
  
  
• ^{Policy Development & Governance}
  
  
• ^{Draft, update, and enforce internal compliance and data privacy policies.}
• ^{Develop and maintain documentation of compliance processes and controls.}
  
  
• ^{Training & Awareness}
  
  
• ^{Lead training programs across the organization to promote a culture of compliance in topic-specific areas.}
• ^{Stay ahead of evolving regulations and advise stakeholders on regulatory impact.}
  
  
• ^{Risk Management}
  
  
• ^{Identify, track, and remediate compliance risks.}
• ^{Collaborate with Legal, Security and Product teams to design and implement controls that protect PHI and other sensitive data.}
  
  
• ^{Stakeholder Management}
  
  
• ^{Act as a point of contact for external auditors and client representatives.}
• ^{Support enterprise customers with compliance-related due diligence, RFPs, and security questionnaires.}
  
  

^{Qualifications:}

• ^{3+ years of experience in a compliance, risk, or security role in the US healthcare or health tech industry. Familiarity with the European healthcare landscape is a plus.}
• ^{Deep knowledge of HIPAA, HITRUST, and one or more of ISO 27001 or SOC 2 Type 2 frameworks.}
• ^{Proven experience leading external audits and compliance certifications.}
• ^{Experience working in a SaaS, AI, or healthtech environment.}
• ^{Strong understanding of data governance, privacy laws (e.g., CCPA, GDPR, DTAC), and third-party risk management.}
  
  

^Preferred:

• ^{Certifications such as CIPP/US, CIPP/E, CHC, CHPC, CISSP, CISA, or similar.}
• ^{Experience building compliance programs from the ground up in a startup or high-growth tech environment.}
• ^{Familiarity with AI/ML governance, ethical AI, or data ethics in healthcare.}
• ^{Using a Compliance management platform such as Vanta}

^{Key Competencies:}

• ^{Strategic and hands-on mindset - willing to dive into details when needed.}
• ^{Strong interpersonal and communication skills - able to work with technical and non-technical teams.}
• ^{Proactive and solution-oriented - able to navigate ambiguity and scale compliance frameworks for growth.}
• ^{High integrity and commitment to ethical standards.}
  
  

^{We provide a competitive salary range for this role - which is $130,000 - $150,000 - depending on level and experience. Please note this range is intended as a guide, not a guarantee. Final compensation will be based on individual qualifications, relevant experience, and the scope of the role.}

^{In addition to salary, this position includes equity in the business, giving you the opportunity to share in the company’s long-term success.}

^Benefits

^{💰 Participation in the company’s employee share options plan}

^{🏥 100% of Single Cost (employee) and 70% of Dependent for medical, dental & vision}

^{👪 Life Insurance}

^{◻️ STD and LTD}

^{💰 The opportunity to contribute to the company's 401k plan}

^{🏝 Flexible PTO policy + 11 designated company holidays}

^{📚 Annual learning and development allowance}

^{🏡 We’re all about making WFH work for you - that’s why you’ll receive a one-off WFH allowance when you join. Offering perks like noise-cancelling headphones or a comfortable desk chair to boost your comfort and focus!}

^{🧡 Enhanced parental leave}

^{👨‍👩‍👧 Company-funded fertility and family-forming programmes}

^{🌸 Menopause care programme with Maven}

^{At PolyAI, we take great pride in our values - they guide everything we do. We believe that a strong culture leads to meaningful work and lasting impact.}

^{Our core values are:}

^{Only the best
We expect the best from our people, we hire people that expect the best from themselves, and we nurture this drive for excellence.}

^{Ownership
We care deeply about what we do. We take ownership of our initiatives, decisions and outcomes.}

^{Relentlessly improve
We demand more from ourselves and are always evolving. Continuous, obsessive improvement is the only way we will transform the world of conversational AI.}

^{Bias for action
Our world moves quickly and so do we. We take calculated risks and we deliver impact fast.}

^{Disagree and commit
We are all working toward the same goal. If we donʼt agree with something, we work hard to understand it and when a decision is made, we accept it and give it our all.}

^{Build for people
We are hyper-focused on delivering the best automated experiences possible so that we can empower people to get exactly what they need, when they need it.}

^{PolyAI is proud to be an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment decisions at PolyAI will be based on the business needs without attention to ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, neurodiversity status or disability status.}

^{Kindly find the Privacy Notice for our recruitment process by following the link here. This document provides important information regarding how we handle your personal data throughout the recruitment journey.}