Security Compliance and Privacy Manager @ Function Health
Job Details
About Us
Function Health was founded with a singular focus: empower you to live 100 healthy years. Using the best available technology, we ensure people don't suffer or die a preventable death. Recognized as one of Fast Company’s Most Innovative Companies of 2024 and backed by Andreessen Horowitz (a16z), our mission is to positively impact global health.
Role
As the Security Compliance and Privacy Manager at Function Health, you will build and manage an automation-first compliance program to meet SOC 2 Type II, HIPAA and other regulatory requirements. In this hands-on, impact-driven role, you will serve as the primary liaison with auditors, external assessors, and vendors while partnering with Legal to translate privacy and regulatory requirements into actionable controls.
Key Responsibilities
- Lead SOC 2 Type II and HIPAA compliance operations including evidence collection and control testing.
- Act as primary contact for auditors, external assessors and internal stakeholders.
- Partner with Legal to ensure compliance with privacy regulations such as HIPAA, GDPR, and state laws.
- Maintain a unified control framework mapping multiple compliance standards.
- Oversee vendor risk management including onboarding and third-party reviews.
- Drive quarterly compliance activities like access reviews and risk register updates.
- Translate regulatory requirements into engineer-friendly tasks and executive summaries.
- Identify automation opportunities in compliance workflows.
- Support privacy operations including data retention and member data management.
- Foster a culture where compliance and privacy are viewed as enablers.
Qualifications/Skills
- 6–10 years’ experience in compliance, GRC, or risk management, preferably in SaaS or healthtech.
- Strong knowledge of SOC 2 and HIPAA; familiarity with GDPR, CCPA/CPRA, or HITRUST.
- Proven ability to lead audits and represent compliance to external parties.
- Experience coordinating with Engineering, IT, Legal, and Operations.
- Familiarity with compliance automation tools and cloud environments like Okta, GCP, and GitHub.
- Excellent communication skills for preparing policies, audit documentation, and executive reports.
- Ability to influence teams toward secure and compliant practices.
- Bonus: Experience in healthcare data protection or building privacy programs in regulated industries.
To Be a Strong Fit, You Also Need
- Bias Toward Action: Ability to take initiative and move projects forward.
- Entrepreneurial Spirit: Adaptable and process-oriented mindset.
- Communication: Capable of explaining complex technical concepts simply.
- Remote Work Adaptability: Effective in remote work environments.
- Continuous Improvement: Committed to ongoing personal and professional growth.
Key skills/competency
- SOC2
- HIPAA
- Compliance
- GRC
- Risk Management
- Privacy
- Automation
- Cloud
- Audit
- Vendor Management
How to Get Hired at Function Health
🎯 Tips for Getting Hired
- Research Function Health's culture: Explore their mission and recent innovative news.
- Customize your resume: Highlight compliance and privacy skills.
- Emphasize automation experience: Detail hands-on compliance project management.
- Prepare for technical interviews: Review SOC 2, HIPAA, and automation tools.
- Network on LinkedIn: Connect with current Function Health employees.