Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
DoorDash

Senior GRC Analyst, HIPAA

DoorDash

Senior GRC Analyst for HIPAA compliance at DoorDash. Leading technical compliance efforts across engineering teams in a regulated environment.

Posted 6/26/2026full-timeRemote • California • 🇺🇸 United StatesSenior💰 $132,600 - $195,000 per yearWebsite

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
HIPAA compliancerisk managementGRCauditcontrol designgap analysissecurity assessmentscloud architectureAPIsvulnerability management
Soft Skills
strong communicationdocumentation skillspractical guidancestakeholder engagementtranslating compliance requirements
Tools & Technologies
GRC toolingcloudSaaShealth-techsecurity monitoring
Industry Keywords
HIPAA Security RuleHITRUSTSOC 2ISO 27001NIST 800-53PCI DSSGDPRCCPAPHIePHI

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Lead and support HIPAA security compliance workstreams across products, platforms, systems, and engineering teams.
  • Turn legal requirements into actionable technical and operational control requirements.
  • Perform HIPAA readiness assessments, gap analyses, risk assessments, and control design/effectiveness reviews.
  • Build and maintain control mappings across HIPAA, HITRUST, SOC 2, ISO 27001, NIST 800-53, and DoorDash security standards.
  • Partner with Engineering and Security Engineering to implement scalable controls.
  • Maintain HIPAA security program documentation including policies, standards, and procedures.
  • Support internal and external audits and compliance evidence collection.
  • Partner with Legal and Security Operations on incidents involving PHI/ePHI.
  • Mature GRC tooling and continuous control monitoring
  • Provide practical guidance to stakeholders regarding HIPAA requirements.
  • Monitor regulatory changes related to HIPAA and healthcare security.

Requirements

What you’ll need
  • 6+ years of experience in security compliance, GRC, risk management, audit, privacy/security operations, or related information security roles.
  • 3+ years of hands-on experience implementing, operating, or materially maturing HIPAA programs in a technology, SaaS, health-tech, or highly regulated environment.
  • Strong working knowledge of HIPAA Security Rule requirements.
  • Practical experience applying HIPAA safeguards to cloud, SaaS, data, and engineering environments.
  • Experience with adjacent frameworks and standards such as HITRUST, SOC 2, ISO 27001, NIST 800-53, PCI DSS, GDPR or CCPA.
  • Experience supporting audits, compliance assessments, control testing, evidence collection, risk assessments, and remediation programs.
  • Ability to translate complex compliance requirements into clear, actionable tasks.
  • Technical fluency to understand cloud architecture, APIs, IAM, CI/CD, infrastructure-as-code, logging, vulnerability management, and security monitoring concepts.
  • Strong communication and documentation skills.

Benefits

Comp & perks
  • 401(k) plan with employer matching
  • 16 weeks of paid parental leave
  • Wellness benefits
  • Commuter benefits match
  • Paid time off
  • Paid sick leave
  • Medical benefits
  • Dental benefits
  • Vision benefits
  • 11 paid holidays
  • Disability insurance
  • Basic life insurance
  • Family-forming assistance
  • Mental health program