Director of Compliance

Today, when you go to your doctor and get referred to a specialist (e.g., for sleep apnea), your doctor sends out a referral and tells you, “They’ll be in touch soon.” So you wait. And wait. Sometimes days, weeks, or even months. Why? Because too often specialists and medical services are overwhelmed with referrals and the painstakingly manual process it takes to qualify your referral prevents them from getting around to it on time, or sometimes at all. Tennr prevents these delays and denials by making sure every referral gets where it needs to go, with the right info, at the right time. Powered by RaeLM™ Tennr reads, extracts, and acts on every piece of patient information so providers can capture more referrals, slash denials, and reduce delays.

We’re hiring a Director of Compliance to build and lead a cross-functional compliance program that spans both healthcare regulation and enterprise SaaS standards. This role will own policy development, internal controls, training, and audit readiness across the business. You’ll partner closely with Legal, Security, Product, and Customer-facing teams to proactively manage risk while enabling the company to scale with confidence.

You’ll be the primary owner of HIPAA compliance and commercial frameworks such as SOC 2, SOC 1, and ISO 27001—ensuring we meet the expectations of enterprise customers, regulators, and partners. This is a high-impact, high-ownership role that blends strategic policy design with hands-on execution. The ideal candidate is pragmatic, detail-oriented, and deeply comfortable operating across regulated environments and fast-moving startups.

• Build and maintain a comprehensive compliance program spanning healthcare (HIPAA) and commercial SaaS standards (SOC 2, SOC 1, ISO etc.).

• Design, document, and enforce internal policies and controls that mitigate risk across legal, security, and operational domains.

• Monitor changes in healthcare regulations and enterprise security standards, and update internal practices accordingly.

• Own compliance-related documentation for internal use and external review, including security questionnaires, policies, attestations, and customer-facing materials.

• Collaborate with Legal, Security, Product, and CX to embed compliance into onboarding, contracting, data handling, and day-to-day workflows.

• Lead company-wide compliance training programs on topics such as privacy, data security, anti-harassment, and ethical conduct.

• Oversee vendor risk management, including diligence, contracts, and ongoing compliance monitoring.

• Serve as the primary liaison for audits, regulatory inquiries, and enterprise customer compliance reviews.

• Build lightweight reporting systems to track compliance status, gaps, remediation progress, and escalations.

Required

• 6+ years of experience in compliance, risk, legal operations, or information security in a SaaS, healthcare, or regulated tech environment.

• Deep familiarity with HIPAA and commercial compliance frameworks such as SOC 2, SOC 1, ISO 27001, and/or GDPR.

• Proven ability to design and maintain internal controls, policy documentation, and audit readiness programs.

• Experience running cross-functional compliance initiatives, including training, vendor risk management, and enterprise customer reviews.

• Strong writing and organizational skills—able to create and manage detailed documentation for both internal and external use.

• Excellent judgment, with the ability to assess legal and operational risk and escalate appropriately.

Preferred

• Experience in both healthcare and SaaS environments.

• Familiarity with payer-side compliance topics (e.g., Medicare FWA, state regulations).

• Exposure to customer contracting workflows and negotiation support on compliance topics.

• Comfortable working in a high-growth, startup environment with limited structure and high ambiguity.

• Drive Impact: one of our company values is Cowboy, meaning you set the pace. You won’t just talk about things, you’ll get them done. And feel the impact.

• Develop Operational Expertise: learn the inner workings of scaling systems, tools, and infrastructure

• Innovate with Purpose: we’re not just doing this for fun (although we do have a lot of fun). At Tennr, you’ll join a high-caliber team maniacally focused on reducing patient delays across the U.S. healthcare system.

• Build Relationships: collaborate and connect with like-minded, driven individuals in our Chelsea office 4 days/week (preferred)

• Free lunch! Plus a pantry full of snacks

• New, spacious Chelsea office

• Unlimited PTO

• 100% paid employee health benefit options

• Employer-funded 401(k) match

• Competitive parental leave