As the holiday season approaches, we want to inform you that response times and the hiring process may be slightly extended due to business team schedules. We truly appreciate your patience and understanding during this period and remain committed to keeping you informed as we review applications. Thank you for considering a role at ŌURA—we look forward to learning more about you!

Our mission at Oura is to empower every person to own their inner potential. Our award-winning products help our global community gain a deeper knowledge of their readiness, activity, and sleep quality by using their Oura Ring and its connected app. We've helped 2.5 million people understand and improve their health by providing daily insights and practical steps to inspire healthy lifestyles.

Empowering the world starts with living our values and empowering our team. As a quickly growing company focused on helping people live healthier and happier lives, we ensure that our team members have what they need to do their best work — both in and out of the office.

We are looking for a highly motivated IT Compliance Analyst to join our IT Operations team. This role is critical for supporting and maturing our compliance programs, including SOC2, HIPAA, HITRUST, and DoD frameworks. As an IT Compliance Analyst, you will play a hands-on role in identifying compliance requirements, supporting audits, and partnering with cross-functional teams, including Security and GRC, to implement IT controls, policies, and procedures, ensuring adherence to regulatory standards and company policies. The ideal candidate has experience creating policies and procedures, a solid understanding of IT operations, and a proactive approach to managing compliance requirements.

What you will do:

• Policy Development & Maintenance: Develop, maintain, and revise IT compliance policies and procedures, ensuring alignment with industry best practices and regulatory requirements.
• Audit & Compliance Management: Assist in planning and executing compliance audits such as SOC2, HIPAA, and HITRUST, including gathering evidence, preparing audit documentation, and liaising with external auditors.
• Risk Assessment: In collaboration with Security, conduct regular IT risk assessments, identifying gaps in controls, and recommending mitigation actions to minimize potential risks.
• Documentation & Reporting: Maintain comprehensive documentation to support compliance activities and generate regular reports to communicate compliance status to stakeholders.
• Collaboration & Stakeholder Engagement: Work closely with Security, IT Operations, and Legal teams to facilitate compliance-related initiatives and ensure controls are properly implemented.
• Training & Awareness: Provide ongoing training to internal teams on compliance obligations, policies, and best practices to cultivate a culture of compliance.

This is a remote US role with a preference for candidates based on the East Coast. Oura employees in major cities (like Boston or New York) occasionally gather informally at local co-working locations.