Technical Program Manager, Security & GRC

About DeepScribe DeepScribe is building the future of healthcare technology. Our vision goes beyond automating medical notes - we are building AI agents for providers, streamlining diverse clinical workflows such as clinical trial matching, billing, and more. By embedding AI deeply into healthcare operations, we empower clinicians to deliver exceptional care. We’ve raised over $60 million in total funding from top-tier investors, including Index Ventures and prominent angels such as Alexandr Wang (CEO of Scale AI) and Dylan Field (CEO of Figma). Our solutions are trusted by some of the largest healthcare organizations in the country, including The US Oncology Network (the nation’s largest oncology network) and Ochsner Health (the largest healthcare system on the Gulf Coast). About the role We’re seeking a Technical Program Manager, Security & GRC to drive DeepScribe’s most critical cross-functional programs at the intersection of security, compliance, and engineering operations. You will be the primary driver of our security and compliance programs – owning execution, coordination, and technical follow-through across SOC 2, HIPAA, vendor risk, security reviews, and audit readiness. You will also support engineering effectiveness and operational excellence initiatives, helping improve how engineering teams respond to incidents, ship changes, and operate reliably at scale. This is a hands-on TPM role for someone who thrives in ambiguity, enjoys working closely with engineers, and can translate regulatory and operational requirements into clear, executable programs. What you’ll do Governance, Risk, and Compliance Programs

• Own and drive execution of DeepScribe’s SOC 2, HIPAA, and other relevant compliance programs, partnering closely with Engineering, Legal, and People Ops.
• Coordinate security reviews, risk assessments, and control validation across teams.
• Lead the vendor security management program, including intake, reviews, remediation tracking, and ongoing monitoring.
• Drive security improvement initiatives based on risk findings, audit outcomes, and incident learnings.
• Manage the technical aspects of customer security reviews, including architecture explanations, control narratives, and evidence coordination.
• Coordinate responses to RFPs, RFIs, and security questionnaires that require engineering input, ensuring accuracy, consistency, and timeliness.

Engineering Effectiveness & Operational Excellence Programs

• Drive incident response and operational excellence initiatives, including retrospectives, follow-ups, and improvement tracking.
• Coordinate deployment processes and launch management, ensuring readiness, communication, and rollback awareness.
• Implement and maintain engineering best practices related to operational reliability, security, and change management.
• Support cross-team technical initiatives that require coordination across multiple engineering squads.
• Improve engineering documentation and knowledge sharing, particularly for operational and security-relevant workflows.
• Help manage operational alerts and response processes, focusing on clarity, ownership, and continuous improvement.

Other Programs

• Support additional cross-functional technical programs as assigned, particularly where security, risk, or operational rigor are involved.

About you

• 2+ years of experience as a Technical Program Manager, Security TPM, or similar role working closely with engineering teams
• Experience driving security, compliance, or risk-related programs (e.g., SOC 2, HIPAA, ISO, HITRUST, FedRAMP, or equivalent)
• Experience supporting healthcare, PHI, or regulated data environments
• Strong ability to coordinate complex, cross-functional technical work across technical and non-technical stakeholders
• Comfort operating in regulated environments and translating requirements into actionable plans
• Excellent written and verbal communication skills, especially in technical and audit-adjacent contexts
• Experience working with Vanta, or other compliance automation platforms.

Nice to have

• Familiarity with incident response processes and operational reliability practices.
• Experience supporting customer security reviews, RFPs, or enterprise sales motions.
• Background working in lean, fast-growing engineering organizations.

Perks and benefits $80,000 to $160,000 annual salary Flexible PTO Work from home stipend Medical, Dental, Vision, 401K and other benefits are also offered About the Team At DeepScribe, we value trust, teamwork, and transparency, and we’re dedicated to promoting diversity and equity in the workforce through inclusive hiring practices. Candidates with backgrounds that are underrepresented in the technology industry are encouraged to apply. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required eligibility verification form upon hire. We’re excited to connect with people who feel inspired by our mission to transform medical documentation with AI. As part of your application, we ask you to briefly tell us why you want to work at DeepScribe. Applications without a thoughtful response may not be considered. How to use AI during our hiring process

• When applying: create the first draft of your resume yourself, but it’s OK to use AI to help you polish it
• While preparing: use AI to research DeepScribe, practice your answers, or prepare questions for us
• During take-home assignments: feel free to use AI to help you complete your work, but be prepared to explain and take responsibility for anything that you deliver
• During live interviews: no AI assistance of any kind unless we indicate otherwise. We want to see how you think, approach problems, and work through challenges in real time.

Apply tot his job Apply To this Job