Security Compliance Officer

Overview
We are on a mission to ensure everyone has access to medical expertise, no matter where they are.

Half the world still lacks access to quality healthcare. Even in advanced systems, outcomes are uneven, and clinicians are overwhelmed. Medical knowledge grows faster than human capacity can keep up.

Corti is building the infrastructure to close that gap. Our AI platform expands access to medical expertise, reducing errors, restoring time to clinicians, and making care more affordable, accessible, and human again.

There is no quality healthcare without a quality dialogue, and no reliable AI without a strong foundation. Help us build both.

Why Corti?
Corti is building the intelligence layer for global healthcare. We give every developer, product team, and healthcare innovator access to medical-grade AI, so the world can deliver care that is faster, safer, and more human.

Built entirely for healthcare and adjacent industries, Corti's models are trained on real-world data and optimized for precision, safety, and regulatory trust.

Through modular APIs, teams can embed medical speech recognition, summarization, reasoning, and much more directly into healthcare products without reinventing the foundation.

We power the builders who are redefining how healthcare works, from startups creating new patient experiences to enterprises modernizing the systems that care depends on.

If you believe that AI purpose-built for medicine will define the next century of healthcare, you belong at Corti.

Role Overview
Corti is seeking a Security Compliance Officer to ensure we continue to meet and exceed our rigorous standards for data privacy, security, and regulatory compliance, particularly as it pertains to managing sensitive patient information. In this role, you will manage our adherence to essential frameworks such as ISO 27001, SOC 2, Cyber Essentials, and BSI C5. These frameworks are fundamental to safeguarding sensitive data, as they establish strict controls on data privacy, risk management, and region-specific compliance.

The ideal candidate will play a critical role in implementing, monitoring, and refining our compliance strategies to meet evolving regulatory requirements. By leading our compliance efforts, you'll help build trust with clients, partners, and regulatory bodies, demonstrating our commitment to responsible data handling and supporting the long-term security and sustainability of our operations.

The Security Compliance Officer would work closely with other Governance & Market Access teams members, platform team, Technical teams, including management, to develop, implement and maintain compliance policies and procedures, as well as ensure company adherence to them.

What You'll Be Doing

• Own and maintain Corti security governance model across ISO 27001, SOC 2 and other relevant frameworks, including a clear control inventory and ownership map.
• Translate frameworks and customer requirements into concise policies, playbooks, checklists and acceptance criteria that fit naturally into techdocs, release processes and change management.
• Plan, manage and follow up on internal and external security audits and assessments, address any areas of non compliance and communicate status and findings to leadership, auditors and teams.
• Drive the use of compliance automation tools (e.g. Drata) and internal scripts, and monitor indicators such as device compliance, policy acceptance, training completion and access reviews, coordinating remediation with the responsible teams.
• Maintain a live security risk register, including risk acceptance, mitigation plans and regular reviews with Product, Platform and Governance team members.
• Partner with Platform and other engineers to ensure that policies and control objectives are reflected in CI or CD pipelines, Infrastructure as Code and cloud configuration baselines, and review security impactful changes at a governance level so they remain aligned and auditable.
• Plus - can use engineering experience to design small automations or configuration improvements that strengthen controls and make evidence collection and reporting easier for teams.
• Act as a trusted advisor on secure ways of working and provide answers to customers and stakeholders on Corti's security.

What You'll Bring

• A bachelor's degree in Computer Science/Information Technology, or solid experience in security compliance or information security.
• Strong understanding of security and data protection laws, regulations, and standards.
• Proven impact in risk reduction and safeguarding sensitive data, protecting brand reputation and customer trust.
• Practical exposure to modern engineering environments, for example working closely with platform or DevOps teams, and familiarity with CI or CD, Infrastructure as Code, and cloud platforms such as Azure.
• Previous hands on engineering experience is a plus, for example as a developer, platform engineer, or DevOps engineer, and you are comfortable reading code or configuration to understand how controls are implemented.
• A builder mindset for governance, you enjoy designing processes, templates, and automations that make it easy for teams to do the right thing.
• A proactive, ownership-driven approach to building and coordinating company-wide compliance programs.
• Comfortable using and configuring compliance tooling such as Drata, and eager to experiment with new automation tools to reduce manual work.
• Effective partnership with external auditors, including evidence collection, issue tracking, and clear internal communication of findings.
• Clear communicator who can adjust language to the audience, from technical deep dives to concise leadership updates.
• Deep familiarity with keeping organizations up-to-date with evolving regulatory requirements.
• Strong project management discipline leveraging tools to plan, track, and communicate workload and progress to stakeholders and leadership

Practicalities

• You will be reporting to VP of Governance and Market Access
• The position is full-time and starts as soon as possible.
• Hybrid working environment in our Copenhagen office
• Equipment provided by Corti

Ready to dive into the world of Corti? Hit that 'Apply' button, and let's start working together on reshaping the dialogue in healthcare, making a real difference for millions of patient outcomes around the world.
Bringing in top talent from all backgrounds is crucial in our pursuit to improve the world of healthcare. We encourage applications from all people and do not discriminate based on race, religion, national origin, gender, sexual orientation, age, and/or disability status.
At Corti, experience comes in many forms, and we're passionate about creating teams with a multitude of perspectives If you believe your experience is close to what we're looking for but not an exact match, we still hope you'll consider applying