Cybersecurity Compliance Consultant (Contract)- HIPAA & SOC2 🗂️ 📊- Remote for a US SaaS Startup 🚀

Company Overview:

The client is a venture-backed startup simplifying access to essential benefits for frontline workers. Their AI-powered platform helps employees easily find and apply for benefits like childcare, elder care, and nutrition programs.

With backing from major enterprise retail investors and $2.5M secured in funding, they're expanding their reach to serve leading retailers, healthcare providers, and Fortune 500 companies. Our diverse, remote-first team is spread across the globe, united in our mission to empower employees and create healthier workplaces.

They're currently on the brink of Series A funding, which means you'll have the opportunity to join them at an exciting stage of growth.

Your Role:

The Cybersecurity Compliance Consultant (Contract) will focus on renewing the client's SOC 2 certification and managing HIPAA compliance processes. The ideal candidate will have expertise in process optimization, SOC security management, and experience with compliance automation tools like Drata. This role involves reviewing and unifying cybersecurity policies, creating and updating necessary documentation, and ensuring overall compliance across multiple frameworks. The client is open to hiring on a project basis, offering flexibility to work full-time over a shorter period or part-time over an extended duration.

Key Responsibilities:

• Lead the preparation and execution of the SOC 2 audit renewal process.
• Conduct a comprehensive gap analysis to identify areas requiring improvement.
• Review, unify, and update existing cybersecurity policies for consistency and compliance.
• Develop new policies as needed to address emerging security requirements.
• Manage file organization and documentation repositories for efficient access and audit readiness.
• Oversee the HIPAA compliance process, including policy development and implementation.
• Ensure all practices meet HIPAA regulations and industry best standards.
• Utilize Drata to automate evidence collection and streamline compliance processes across multiple frameworks.
• Provide training and guidance to cross-functional teams to implement compliance controls and promote best practices.

You Bring:

• 5+ years of experience in cybersecurity compliance or a related role.
• Proven experience with SOC 2 audits and HIPAA compliance processes.
• Experience using Drata or similar compliance automation tools.
• Strong understanding of multiple compliance frameworks (SOC 2, HIPAA, GDPR, PCI, ISO 27001).
• Expertise in lean execution and efficient management of cybersecurity policies.
• Excellent organizational skills and attention to detail.
• Ability to work independently and manage flexible schedules.
• Strong communication and interpersonal skills.

Bonus Points:

• Relevant certifications (e.g., CISSP, CISA, CISM, HITRUST).
• Experience in the SaaS industry, particularly in similar platforms.
• Familiarity with AI-powered platforms and technology integrations.
• Experience with other compliance frameworks (e.g., ISO 27001, GDPR).

What They Offer:

• Competitive hourly rate commensurate with experience.
• The opportunity to make a tangible impact on the company's growth and compliance standing.
• A collaborative, remote-first culture.
• Professional growth opportunities in a growing, tech-forward company.