IT Compliance Manager

About EliseAI

EliseAI develops cutting-edge conversational AI technology for industries fundamental to our lives: housing and healthcare. Everything is built on the foundation of health and home. Broken systems or ineffective processes in these domains have a disproportionate impact on our quality of life and society’s overall wellbeing. Conversely, any solution or technology that solves problems in these areas will have an impact that ripples far beyond them. 

That’s the only kind of impact we are interested in having at EliseAI. If you get excited by the thought of working really hard on these kinds of problems, then EliseAI is the right place for you.

About The Role

As the IT Compliance Manager, you will take the lead on managing the company’s compliance and IT posture, overseeing audits, ensuring adherence to security standards, and executing key security initiatives like Single Sign-On (SSO) rollout. You will also play a key role in managing compliance with frameworks such as SOC 2, PCI DSS, HIPAA, and more, while overseeing relationships with auditors and vendors.

You will manage projects related to compliance and security, working with HR and other teams to ensure that the company's systems and processes meet regulatory standards and are secure. 

Key Responsibilities:

Compliance Audits:

• Lead and manage internal and external compliance audits.
• Prepare and review audit documentation to ensure completeness and accuracy.
• Collaborate with third-party auditors to support successful audit outcomes, ensuring compliance with SOC 2, PCI DSS, HIPAA, and other relevant frameworks.
• Track audit findings and ensure prompt remediation of any non-compliance issues.

Security & Risk Management:

• Develop, implement, and manage security controls to meet compliance requirements (SOC 2, PCI DSS, HIPAA).
• Work to ensure systems and processes are secure and in compliance with industry standards.
• Maintain and update security policies and procedures to mitigate risks related to data protection, user access, and other compliance issues.

Vendor and Provider Management:

• Recommend and evaluate third-party vendors and service providers for security and compliance-related needs.
• Work with legal and procurement teams to ensure vendor contracts align with security and compliance standards.
• Monitor ongoing vendor compliance and ensure third-party audits are completed as necessary.

IT Compliance Tools & Systems:

• Utilize and manage compliance-related tools for auditing and security management (e.g., Jamf, Hexnode, SSO, provisioning and deprovisioning platforms).
• Oversee the configuration and management of tools to ensure they meet compliance requirements and are fully operational.
• Ensure proper logging and monitoring are in place for compliance and security purposes.

SSO & User Lifecycle Management:

• Oversee the implementation and management of Single Sign-On (SSO) systems and identity management platforms. Ensure secure and compliant user provisioning and deprovisioning, aligning with internal policies and regulatory requirements.

Onboarding & Offboarding Compliance:

• Lead initiatives to centralize IT tools and user access management systems. 
• Lead initiatives to optimize and streamline onboarding and offboarding processes, ensuring that user access is securely provisioned and deprovisioned in compliance with security policies.
• Collaborate with HR and other teams to maintain efficient workflows that protect company systems and data throughout the employee lifecycle.

Continuous Improvement:

• Stay up-to-date with the latest regulatory changes and industry best practices in IT compliance.
• Provide recommendations for improvements in processes, tools, and security measures to maintain compliance.
• Guide internal teams on IT compliance best practices and regulatory requirements.

Preferred Qualifications:

• Bachelor's degree in relevant field.
• 5+ years of experience in compliance, security, or audit roles, preferably in a startup or tech environment.
• In-depth knowledge of SOC 2, PCI DSS, HIPAA, and other relevant compliance frameworks.
• Strong experience with compliance tools such as Vanta, security audits, and managing third-party auditors.
• Experience with IT systems and tools such as Jamf, Single Sign-On (SSO), user provisioning and deprovisioning, and related security tools.
• Proven ability to manage complex projects and work cross-functionally with technical and non-technical teams.
• Strong problem-solving skills and the ability to make informed recommendations based on risk and compliance needs.

Why Join

Growth and impact. It’s not often that you can get in on the ground floor of a funded startup that’s scaling. That means that instead of following a playbook, you’ll be writing it. Every single day you will be challenged to identify how we can scale and execute on it. You’ll learn what works when you succeed and what doesn’t when you fail. Either way, the rest of the team will be here to support you.

Benefits

In addition to the growth and impact you’ll have at EliseAI, we offer competitive salaries along with the following benefits:

• Equity in the company in the form of stock options 
• Medical, Dental and Vision premiums covered at 100%  
• Fully paid parental leave
• Commuter benefits 
• 401k benefits
• Monthly fitness stipend
• Our brand new Midtown south office with an open floor plan, fully stocked kitchen, and company paid lunch
• Fun company social events through our Elise and the City program
• Unlimited vacation and paid holidays

We'll cover relocation packages from outside of the Greater NYC metro area - we'll make the move exciting, not painful.

Job Compensation Range:

The salary range for this role is $90,000- $160,000 EliseAI offers a competitive total rewards package which includes base salary, equity, and a comprehensive benefits & perks package. Exact compensation is determined based on a number of factors including experience, skill level, location and qualifications which are assessed during the interview process. Additional details about total compensation and benefits will be provided by our Recruiting Team during the hiring process.

EliseAI provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

If you need assistance and/or a reasonable accommodation in the application or recruiting process due to a disability, please contact us at [email protected].

#li-onsite