At Ro, we believe that when people achieve their health goals, they can achieve their life goals. The highest-leverage way to move society forward is to give people their health, and the current healthcare system isn’t built to do that. It was built to bill, not to serve patients.

We’re building a new system. One where the patient is in control. One designed from scratch for the digital age.

At Ro, technology isn’t just a function… It's core to how we deliver care. We’ve built a vertically integrated healthcare platform that connects telehealth, diagnostics, pharmacy, and logistics into a seamless, end-to-end experience for millions of patients.

…and we’re just getting started.

As part of Tech @ Ro, you’ll work on systems that operate at scale, with an opportunity to:

Solve complex, high-concurrency problems across a full-stack platform
Build and ship quickly with tight feedback loops and real-world impact
Own systems end-to-end, from architecture to production performance
Work alongside experienced operators, technical leaders, and clinicians
Help define how modern healthcare should be delivered

We’re a performance-driven team with a strong sense of ownership and urgency. We move fast, learn quickly, and hold a high bar for what we build, and do so with a big heart — because patients depend on it.

If you’re motivated by impact, scale, and the chance to help lead the patient revolution, come build with us.

The Role

The Governance Risk and Compliance Engineer role will be a core, individual contributor member of Ro’s GRC team.

The GRC team enables Ro to manage risk by vigorously assessing our operations against leading compliance frameworks and standing legislation. This individual contributor role will be a key player in both leading our audit readiness program while driving continuous compliance using leading AI and automation platforms.

What You’ll Do:

Serve as both a risk practitioner and automation engineer. Automate everything.
Own and maintain the compliance platform (Vanta), including control mapping, evidence collection, continuous monitoring, and audit workflows
Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
Partner with Security, IT, Infrastructure, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
Support internal and external audits (SOC 2, HIPAA, HITRUST)
Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
Develop and maintain risk reporting, metrics, and executive summaries with BI tools (Looker, Hex, etc)

What You’ll Bring to the Team:

5+ years of combined experience across governance, risk, compliance, security engineering, or adjacent technical roles, including hands-on experience working with compliance frameworks such as SOC 2, HIPAA, HITRUST, NIST, and PCI in modern, technology-driven environments.
3+ years of experience with ongoing compliance operations, with demonstrated progression from manual evidence collection to automated, continuously monitored controls.
2+ years of hands-on experience implementing and administering continuous compliance and evidence automation platforms (e.g., Vanta, Drata, SecureFrame), including configuring and creating custom integrations as well as optimizing automated evidence workflows.
Working knowledge of cloud computing platforms (AWS, Azure, GCP) and how their native services and configurations support security and compliance requirements.
Expertise in using Looker (or similar BI tool; HEX) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
Ability to automate data ingestion, transformation, and reporting using scripting or programmatic approaches (e.g., Python, JavaScript, APIs, Tines.)
Strong analytical and root cause analysis skills
Kindness, and an ability to communicate to all levels of the organization

Bonus Points

Advanced GRC Automation & Engineering Mindset (custom automatons or workflows beyond out-of-the-box compliance tools)

We’ve Got You Covered:

Full medical, dental, and vision insurance + OneMedical membership
Healthcare and Dependent Care FSA
401(k) with company match
Flexible PTO
Wellbeing + Learning & Growth reimbursements
Paid parental leave + Fertility benefits
Pet insurance
Student loan refinancing
Virtual resources for mindfulness, counseling, and fitness

The target base salary for this position ranges from $148,000 to $175,000, in addition to a competitive equity and benefits package (as applicable). When determining compensation, we analyze and carefully consider several factors, including location, job-related knowledge, skills and experience. These considerations may cause your compensation to vary.

Ro is consistently recognized as a top workplace in Health Care, in New York, and for Women and Parents—earning more than 20 honors from Fortune, Great Place to Work, and PEOPLE since 2021. In 2025 alone, we ranked top 5 among medium workplaces in Health Care and New York, and top 50 nationwide.

At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.

Ro is committed to providing reasonable accommodations for qualified individuals with disabilities in our application and interview process. If you require a reasonable accommodation in the application or interview process, please contact us at talent@ro.co.

See our California Privacy Policy here.

Apply now

See more open positions at Ro

Powered by Getro.com

Privacy policy Cookie policy