GRC Specialist

About Us
At Sully.ai, We’re Building the Most Impactful Healthcare Company on Earth

We believe that access to a great doctor is a basic human right. Today, that’s not a reality. Delays, misdiagnoses, administrative chaos, and burnout plague the system.

Our Mission
One Human, One Doctor.
We enable our customers to staff 30% of their workforce with AI by creating a shared agent architecture for scale and efficiency. All powered by our own patented, world-class models and deployed in real-world care.

About the Role

• At Sully.ai, we're looking for a highly motivated and result-driven Security and Compliance Engineer who can take self-action and drive outcomes without needing direction. This individual will be responsible for identifying and resolving security and compliance risks that could potentially block customer acquisition and ensure that these risks do not block other teams from serving clients. They will be a key player in building and executing a Third Party Risk Management program, ensuring all user devices are fully compliant with security requirements, and creating a clear plan forward for contractor virtual environments.

Key Responsibilities

• Identify security and compliance risks that could potentially block customer acquisition, and resolve these risks without needing direction.

• Build and execute a Third Party Risk Management program, ensuring all user devices are fully compliant with security requirements.

• Create a clear plan forward for contractor virtual environments, ensuring compliance with security protocols.

• Take initiative in finding and accurately capturing risk items, backing up findings with research and evidence.

• Continuously look forward and build efficiencies and automations in daily tasks, driving predictable and repeatable revenue growth.

• Collaborate with cross-functional teams to drive complex enterprise negotiations, ensuring compliance with security and compliance frameworks.

• Develop and implement repeatable playbooks for outbound → demo → closed-won conversion, building high-performing sales teams and onboarding programs.

• Drive and systematize revenue growth, increasing demo conversion and leading complex enterprise negotiations with high stakes and long sales cycles.

Hard Requirements

• Mastery of security and compliance frameworks, with expertise in identifying and mitigating security risks.

• Strong analytical and problem-solving skills, with the ability to find and resolve problems without needing direction.

• Experience in building and executing Third Party Risk Management programs, ensuring compliance with security requirements.

• Strong ability to operate independently in ambiguity, execute decisively, and be self-driven and highly motivated.

• Experience in working with cloud-based security platforms, with a focus on building and executing security and compliance programs.

• Strong technical skills, with expertise in security protocols, risk management, and compliance frameworks.

Key Results (First 90 Days)

• Identify Security and Compliance items that could potentially block customer acquisition.

• Resolve Security and Compliance risks to company objectives.

• Build out a full Third Party Risk Management program leveraging in-place solutions. Add all current vendors to this platform.

• Get all user devices fully compliant with security requirements.

• Create a clear plan forward for contractor virtual environments.

• Ensure Security and Compliance does not block other teams from being able to serve clients.

Why Join Sully.ai?
🔥 Revolutionizing the antiquated $800B+ Healthcare market

🧠 60%+ Ex-founders who have built, scaled, exited. We hire A-players

⚡️ Speed matters: we operate with urgency, autonomy, and ownership

🧪 You’ll work on real, first-of-their-kind problems at the edge of AI and medicine

❤️ Your work directly unlocks doctors to reclaim their time, and patients get better, faster care

Sully.ai is an equal opportunity employer. In addition to EEO being the law, it is a policy that is fully consistent with our principles. All qualified applicants will receive consideration for employment without regard to status as a protected veteran or a qualified individual with a disability, or other protected status such as race, religion, color, national origin, sex, sexual orientation, gender identity, genetic information, pregnancy or age. Sully.ai prohibits any form of workplace harassment.