Governance, Compliance, and Risk Analyst

About EliseAI

At EliseAI, we're improving the industries that matter most: housing and healthcare. Everyone needs a place to live and access to quality healthcare, yet both are often harder to secure than they should be.

By integrating AI agents deeply into existing workflows, we make them more efficient, reduce costs, and improve the experience for everyone.

• Housing: We simplify how renters tour apartments, sign leases, submit maintenance requests, and stay connected with their property team—bringing everything they need for their home into one place.

• Healthcare: We make it easy to schedule appointments, complete intake forms, and we help patients communicate with providers, so everyone can focus on health instead of paperwork.

With EliseAI, organizations reduce manual work, improve accessibility, and deliver a seamless experience across essential services. We recently raised a $250 million Series E round led by Andreessen Horowitz to accelerate this mission.

About The Role

We are seeking a Governance, Risk, and Compliance (GRC) Analyst to support and scale our security and compliance programs. This role will be instrumental in maintaining regulatory and audit readiness, managing third-party risk, and ensuring our policies and processes align with industry standards.

You will work cross-functionally with Security Engineering, Legal, and business stakeholders to operationalize compliance efforts, support audits, and respond to customer and vendor due diligence requests. This is a high-impact role with direct influence on our ability to meet critical compliance timelines and support the sales process.

Key Responsibilities

• Support and manage ongoing compliance programs across frameworks such as SOC 1, SOC 2, PCI, HITRUST, and HIPAA

• Coordinate audit activities, including evidence collection, documentation preparation, and responses to auditor requests

• Track compliance requirements and proactively follow up with stakeholders on outstanding items

• Conduct vendor risk assessments and manage third-party due diligence processes

• Complete first-pass reviews of vendor and client security questionnaires (DDQs) in collaboration with Security Engineering

• Maintain and update security and compliance policies and supporting documentation

• Review security-related legal documents, including security addenda, in partnership with Legal and Security teams

• Attract top-tier talent to join our driven team

Move at rocket speed, build something massive.

We’re scaling fast, solving real client problems with precision and ambition. Here, you own your impact; full autonomy, no micromanagement, no fluff.

We hire the best, expect the best, and give you the masterclass of your career. It’s hard, it’s intense, and it’s the most rewarding work you’ll ever do. If you’re hungry, driven, and ready to build something massive, climb aboard.

Requirements

• 2–5 years of experience in Governance, Risk, and Compliance, Information Security, or a related field

• Familiarity with common compliance frameworks such as SOC 2, PCI-DSS, HIPAA, or HITRUST

• Experience supporting audits and managing evidence collection processes

• Understanding of vendor risk management and third-party due diligence processes

• Strong organizational skills with the ability to manage multiple concurrent deadlines

• Excellent written and verbal communication skills, especially for cross-functional collaboration

• gorustawsaisales