GRC Specialist
About Us
At Sully.ai, We’re Building the Most Impactful Healthcare Company on Earth
We believe that access to a great doctor is a basic human right. Today, that’s not a reality. Delays, misdiagnoses, administrative chaos, and burnout plague the system.
Our Mission: One Human, One Doctor. We build AI teammates that augment clinicians — scribes, nurses, receptionists, translators — all powered by our own world-class models and deployed in real-world care.
Our Traction
450+ organizations signed 16 months
AI agents cut admin by ~2.8 hours daily and reduce onboarding 85%.
5M+ Clinical Tasks completed to date, serving 36+ specialties.
Raised $25M from YC, Eric Yuan, Amity, Semper Virens
Patented AI architecture (MedCon-1) outperforms GPT-4.5, Gemini, Claude on clinical reasoning tasks
Sully requires A-players capable of 4 months = 1 year output.
About the Role
At Sully.ai, we're looking for a highly motivated and result-driven Security and Compliance Engineer who can take self-action and drive outcomes without needing direction. This individual will be responsible for identifying and resolving security and compliance risks that could potentially block customer acquisition and ensure that these risks do not block other teams from serving clients. They will be a key player in building and executing a Third Party Risk Management program, ensuring all user devices are fully compliant with security requirements, and creating a clear plan forward for contractor virtual environments.
Key Responsibilities
Identify security and compliance risks that could potentially block customer acquisition, and resolve these risks without needing direction.
Build and execute a Third Party Risk Management program, ensuring all user devices are fully compliant with security requirements.
Create a clear plan forward for contractor virtual environments, ensuring compliance with security protocols.
Take initiative in finding and accurately capturing risk items, backing up findings with research and evidence.
Continuously look forward and build efficiencies and automations in daily tasks, driving predictable and repeatable revenue growth.
Collaborate with cross-functional teams to drive complex enterprise negotiations, ensuring compliance with security and compliance frameworks.
Develop and implement repeatable playbooks for outbound → demo → closed-won conversion, building high-performing sales teams and onboarding programs.
Drive and systematize revenue growth, increasing demo conversion and leading complex enterprise negotiations with high stakes and long sales cycles.
Hard Requirements
Mastery of security and compliance frameworks, with expertise in identifying and mitigating security risks.
Strong analytical and problem-solving skills, with the ability to find and resolve problems without needing direction.
Experience in building and executing Third Party Risk Management programs, ensuring compliance with security requirements.
Strong ability to operate independently in ambiguity, execute decisively, and be self-driven and highly motivated.
Experience in working with cloud-based security platforms, with a focus on building and executing security and compliance programs.
Strong technical skills, with expertise in security protocols, risk management, and compliance frameworks.
Key Results (First 90 Days)
Identify Security and Compliance items that could potentially block customer acquisition.
Resolve Security and Compliance risks to company objectives.
Build out a full Third Party Risk Management program leveraging in-place solutions. Add all current vendors to this platform.
Get all user devices fully compliant with security requirements.
Create a clear plan forward for contractor virtual environments.
Ensure Security and Compliance does not block other teams from being able to serve clients.
Who Thrives Here
Entrepreneurial to your core: You think in outcomes, thrive in chaos, and take ownership without limits
Mission-obsessed: You’re here to save lives, not just ship features — patients and doctors are your why.
Impact-driven & fast-moving: You sprint toward hard problems and ship with sharp judgment.
Elite teammate: You raise the bar through high standards, direct feedback, and craft excellence.
Why Join Sully.ai?
🔥 Revolutionizing the antiquated $800B+ Healthcare market
🧠 50%+ of us are ex-founders. We hire A-players, not passengers
⚡️ Speed matters - we operate with urgency, autonomy, and ownership
🧪 You’ll work on real, first-of-their-kind problems at the edge of AI and medicine
❤️ Your work helps doctors reclaim their time - and patients get better, faster care
Sully.ai is an equal opportunity employer. In addition to EEO being the law, it is a policy that is fully consistent with our principles. All qualified applicants will receive consideration for employment without regard to status as a protected veteran or a qualified individual with a disability, or other protected status such as race, religion, color, national origin, sex, sexual orientation, gender identity, genetic information, pregnancy or age. Sully.ai prohibits any form of workplace harassment.