At Rad AI, we’re on a mission to transform healthcare with artificial intelligence. Founded by a radiologist, our AI-driven solutions are revolutionizing radiology—saving time, reducing burnout, and improving patient care. With one of the largest proprietary radiology report datasets in the world, our AI has helped uncover hundreds of new cancer diagnoses and reduced error rates in tens of millions of radiology reports by nearly 50%.
Rad AI has secured over $140M in funding, including a recently oversubscribed Series C ($68M round) led by Transformation Capital, bringing our valuation to $528M. Our investors include Khosla Ventures, World Innovation Lab, Gradient Ventures, Cone Health Ventures, and others—all backing our mission to empower physicians with cutting-edge AI.
Our latest advancements in generative AI are used by thousands of radiologists daily, supporting more than one-third of radiology groups and healthcare systems and nearly 50% of all medical imaging in the U.S. at partners including Cone Health, Jefferson Einstein Health, Geisinger, Guthrie Healthcare System, and Henry Ford Health.
Recognized as one of the most promising healthcare AI companies by CB Insights and AuntMinnie, and ranked by Deloitte as the 19th fastest-growing company in North America, we are building AI-powered solutions that make a real impact. Most recently, Rad AI was named to CNBC’s Disruptor 50 list, highlighting the innovation and momentum behind our mission.
If you’re ready to shape the future of healthcare, we’d love to have you on our team!
Why Join Us:
Rad AI is redefining the boundaries of artificial intelligence in healthcare. As our Senior Cybersecurity Analyst, you will play a critical role in securing the company, driving compliance programs, managing risks, and serving as a trusted partner to customers and internal teams alike. This is not a purely technical role: it demands equal parts audit, security expertise, project management discipline, and clear communication. This role will report directly to the Director of IT & Cybersecurity.
What You'll Be Doing:
Manage SOC 2 Type II audit cycles from scoping through evidence collection to final report, serving as the primary point of contact for auditors and collaborators.
Coordinate HIPAA compliance assessments, including risk analyses, policy reviews, and Business Associate Agreement (BAA) management.
Conduct structured gap analyses against applicable frameworks (SOC 2, HIPAA, ISO 42001, NIST CSF) to identify control deficiencies and develop prioritized remediation roadmaps.
Track risk mitigation and remediation plans, ensuring accountability and measurable progress against accepted risk thresholds.
Serve as the primary responder to enterprise customer security questionnaires, and engage directly with customers and prospects.
Demonstrate a solid understanding of system and data architecture, including cloud infrastructure, data flows, and access controls, in order to answer technical assessment questions accurately and confidently.
Develop and maintain a reusable security response library (trust portal, standard questionnaire answers, and diagrams) to accelerate future engagements.
Act as a security partner to Engineering, Product, Legal, Sales, and Customer Success, translating security requirements into actionable guidance for non-security audiences.
Participate in architecture and design reviews, ensuring new systems and features meet security and compliance requirements before deployment.
Maintain fluency in artificial intelligence and automation technologies, understanding their security and compliance implications within Rad AI’s platforms.
Leverage AI-assisted tools to improve security operations efficiency, including threat analysis, automated evidence collection, and other cybersecurity workflows.
Who We're Looking For:
Bachelor’s degree in Information Security, Computer Science, or a related field.
6+ years of experience in cybersecurity, with at least 2 years of hands-on involvement in compliance programs or security audits.
Demonstrated experience leading or significantly contributing to SOC 2 through the full audit lifecycle.
Practical knowledge of risk management frameworks (NIST RMF, ISO 42001, FAIR) and risk treatment processes.
Experience responding to enterprise customer security questionnaires and interfacing directly with customers on security topics.
Strong project management skills with the ability to manage multiple concurrent workstreams in a fast-paced environment.
Ability to communicate complex security and compliance topics clearly to both technical and non-technical audiences, including in customer-facing settings.
Experience reviewing and maintaining information security policies and procedures.
Active security certifications; ideally a CISSP and CISA.
Nice to Haves:
Healthcare industry experience and understanding of healthcare data handling obligations.
Experience with project management methodologies (PMP, Agile, Scrum) or formal project management training.
Familiarity with additional compliance frameworks: ISO 27001, NIST CSF, or HITRUST.
Knowledge of DevSecOps practices and integration of security into CI/CD pipelines.
Join our world-class team as we build and deploy AI solutions that empower physicians and transform patient care—making a meaningful impact on millions of lives. Driven by our mission, we prioritize transparency, inclusion, and close collaboration, bringing together exceptional people to revolutionize healthcare. If you're passionate about driving innovation and delivering impactful healthcare solutions, we'd love to hear from you!
To learn more about what it's like to work at Rad AI, visit https://www.radai.com/life-at-rad-ai
For US-Based Full-Time Roles, Rad AI offers a variety of benefits, including:
Comprehensive Medical, Dental, Vision & Life insurance
HSA (with employer match), FSA, & DCFSA
401(k)
11 Paid Company Holidays
Location Flexibility (Remote-first company!)
Flexible PTO policy
Annual company-wide offsite
Periodic team offsites
Annual equipment stipend
For roles based outside the US, your recruiter can share more details.
At Rad AI, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
Please be vigilant regarding job scams. We advise all candidates to apply directly through our official careers page. Our recruiters will use email addresses with the domain @radai.com, or the address no-reply@ashbyhq.com.