Governance, Compliance, and Risk Analyst

At EliseAI, we're improving the industries that matter most: housing and healthcare. Everyone needs a place to live and access to quality healthcare, yet both are often harder to secure than they should be.

By integrating AI agents deeply into existing workflows, we make them more efficient, reduce costs, and improve the experience for everyone.

We are seeking a Governance, Risk, and Compliance (GRC) Analyst to support and scale our security and compliance programs. This role will be instrumental in maintaining regulatory and audit readiness, managing third-party risk, and ensuring our policies and processes align with industry standards.

You will work cross-functionally with Security Engineering, Legal, and business stakeholders to operationalize compliance efforts, support audits, and respond to customer and vendor due diligence requests. This is a high-impact role with direct influence on our ability to meet critical compliance timelines and support the sales process.

• →

  Support and manage ongoing compliance programs across frameworks such as SOC 1, SOC 2, PCI, HITRUST, and HIPAA

• →

  Coordinate audit activities, including evidence collection, documentation preparation, and responses to auditor requests

• →

  Track compliance requirements and proactively follow up with stakeholders on outstanding items

• →

  Conduct vendor risk assessments and manage third-party due diligence processes

• →

  Complete first-pass reviews of vendor and client security questionnaires (DDQs) in collaboration with Security Engineering

• →

  Maintain and update security and compliance policies and supporting documentation

• →

  Review security-related legal documents, including security addenda, in partnership with Legal and Security teams

• →

  Attract top-tier talent to join our driven team

We’re scaling fast, solving real client problems with precision and ambition. Here, you own your impact; full autonomy, no micromanagement, no fluff.

We hire the best, expect the best, and give you the masterclass of your career. It’s hard, it’s intense, and it’s the most rewarding work you’ll ever do. If you’re hungry, driven, and ready to build something massive, climb aboard.

• 2–5 years of experience in Governance, Risk, and Compliance, Information Security, or a related field

• Familiarity with common compliance frameworks such as SOC 2, PCI-DSS, HIPAA, or HITRUST

• Experience supporting audits and managing evidence collection processes

• Understanding of vendor risk management and third-party due diligence processes

• Strong organizational skills with the ability to manage multiple concurrent deadlines

• Excellent written and verbal communication skills, especially for cross-functional collaboration

• Ability to work independently and proactively follow up on tasks

• Willingness to work in person at our office 4-5 days a week