Build and own the compliance function at Freed, ensuring audit readiness while streamlining vendor workflows and governing policies in a rapidly expanding AI healthcare environment.
Doctors are overworked, burnt out, and quitting en masse.
At Freed, we combine clinician love with the latest AI tech and intense execution to create products that make clinicians happier.
Our first product is an AI scribe that automates medical documentation.
Since May of 2023, we have:
Acquired 26,000 paying and loving clinicians
Generated 100,000 patient notes daily and over 3 million monthly
With the backing of Sequoia Capital and other world-class VCs, we are rapidly expanding our product offering. Patient-facing assistants, patient insights, EHR integrations, and other products are being built and used by thousands of clinicians every day.
We are looking for entrepreneurs. Fast, ambitious, and smart individuals who want to take care of the people who care for our health. Expect intense, clinician-focused, and interesting co-workers who want to win.
With an office in San Francisco, we embrace a hybrid schedule that brings out the best in teamwork and innovation. Our teams come together in person three days a week to collaborate, connect, and have a little fun along the way.
We are hiring a Fractional GRC Manager (part-time, ~20 hrs/week) to build and own our compliance function.
Freed operates in a highly regulated environment (SOC 2 Type 2, HIPAA) with PHI flowing across 150+ vendors. Today, compliance work is fragmented across senior leaders, creating inefficiencies, audit friction, and product delays.
This role will act as the single accountable owner for Governance, Risk, and Compliance, responsible for maintaining audit readiness, unblocking product and vendor workflows, and reducing the compliance burden on engineering and leadership.
This is a hands-on, embedded operator role - not advisory. You will work closely with Finance, Engineering, Infrastructure, Legal, and GTM teams.
Audit & Certification Ownership
Own SOC 2 and HIPAA programs end-to-end
Manage auditor relationships and streamline evidence collection
Maintain continuous audit readiness via Drata
Improve audit efficiency
Vendor Compliance & Risk Management
Own vendor compliance intake (BAAs, DPAs, security reviews)
Build and maintain a centralized vendor registry with PHI exposure mapping
Establish fast, repeatable onboarding processes
Partner with Engineering on vendor security assessments
Policy & Governance
Audit and remediate ~30 existing policies with outdated ownership structures
Replace “phantom roles” (e.g., Security Officer) with real owners
Establish a meaningful policy review cadence
Draft new policies (data retention, vendor management, access controls)
Compliance Operations
Own and operate Drata (controls, evidence, personnel tasks)
Manage Trust Center accuracy and external posture
Handle customer security questionnaires
Support Sales with compliance documentation for enterprise deals
Risk & Incident Support
Document PHI data flows and system boundaries
Support incident response from a compliance perspective
Stay current on HIPAA and regulatory developments
5+ years in GRC, security compliance, or related roles (startup experience strongly preferred)
Deep experience with SOC 2 and HIPAA (hands-on ownership, not advisory)
Strong familiarity with vendor risk management, BAAs, DPAs, and audits
Experience with tools like Drata or similar compliance platforms
Ability to operate independently in a fractional, high-ownership role
Strong judgment - able to make pragmatic tradeoffs, not over-engineer
Exposure to HITRUST or ISO 27001 frameworks
Experience working cross-functionally with Engineering and GTM teams
Background in scaling compliance functions from early-stage
Competitive salary and equity in a high-growth company
Opportunity to make an immediate impact
Medical, dental, and vision coverage
Unlimited paid time off
Company-sponsored annual retreats
401(k) plan to support your long-term financial goals
Commuter stipend for San Francisco-based employees
Freed builds innovative tools powered by AI to enhance the daily lives of clinicians, making their work more efficient and enjoyable. Our focus is on creating solutions like an AI scribe that automates documentation, directly addressing the needs of healthcare professionals. By combining technology with a deep understanding of clinician workflows, we're transforming the way healthcare providers operate.