IT and Compliance Manager

9amHealth is specialized cardiometabolic care: a first of its kind, whole body approach to preventing and treating obesity, diabetes, high blood pressure, and high cholesterol, and help with weight management. We offer custom care plans, prescription medications, and expert guidance to help our members live healthier every day.

9amHealth is a San Diego, California, based company led by the team behind mySugr, a successful diabetes management app acquired by Roche in 2017. 7Wire Ventures, Human Capital, Founders Fund, Define Ventures, Speedinvest, iSeed Ventures, and StartUp Health have backed 9amHealth, with a total funding of 25 million dollars. We are on a growth trajectory to achieve our mission of a more connected care approach for cardiometabolic health.

This is a hands on, high ownership individual contributor role responsible for:

• Corporate IT and employee enablement

• SaaS application and access management

• Execution and monitoring of SOC 2, HIPAA, and HITRUST compliance (using Vanta)

You will be the primary owner of internal IT operations and a key contributor to our compliance posture, working closely with Engineering, Security, People Ops, and external auditors. As the company grows, this role has a clear path to leading IT and security operations. In addition to corporate IT and compliance, this role is responsible for first level support and troubleshooting of 9amHealth’s internal applications and tooling, with a strong focus on access issues, permissions, and user enablement across internal platforms.

• Provide first level IT support for ~150 employees (growing to 200+)

• Own Mac and mobile device management using Jamf

• Manage device lifecycle: onboarding, offboarding, inventory, replacements

• Enforce endpoint security controls (disk encryption, OS updates, security tooling)

• Partner with People Ops to deliver a smooth and secure employee experience

• Own administration of cloud based SaaS applications

• Manage identity, SSO, MFA, and access control via Google Workspace

• Conduct regular access reviews and enforce least privilege principles

• Own SaaS vendor relationships, including:

  • Security reviews and questionnaires

  • Contract renewals and license optimization

  • Budget ownership for IT and SaaS tooling

• Administer and support both third party SaaS tools and internally developed platforms, ensuring secure and reliable user access

• Execute and support SOC 2 Type II, HIPAA, and HITRUST compliance efforts

• Perform day to day compliance tasks using Vanta

• Maintain evidence, policies, and control documentation

• Monitor ongoing compliance requirements and control effectiveness

• Coordinate audit preparation and respond to auditor requests

• Track and remediate audit findings in collaboration with Engineering and Security

• Provide first-level support and troubleshooting for 9amHealth internal systems and applications

• Resolve access, authentication, and permission issues across internal tools

• Support user onboarding and offboarding for internal platforms

• Act as the first point of contact for internal tool issues, escalating to Engineering or vendors as needed

• Maintain documentation and run books for common internal tooling issues

• 3-5+ years experience in IT Operations, Systems Administration, or Corporate IT

• Hands-on experience managing macOS environments with Jamf

• Strong experience administering Google Workspace and SaaS tools

• Practical experience working in HIPAA regulated environments

• Exposure to SOC 2 and/or HITRUST compliance programs

• Comfortable operating hands on in a growing, regulated health tech company

• Strong documentation, organization, and process discipline

• Excellent communication skills with both technical and non technical stakeholders

• Experience providing first level support for internal business or product platforms, particularly around access control and user permissions

• Experience using Vanta or similar compliance automation platforms

• Security adjacent experience (IAM design, EDR, device posture checks)

• Familiarity with internal tooling commonly used in health tech environments (e.g. patient management systems, customer support platforms, internal admin tools)

• Prior experience as the primary or sole IT owner in a scaling organization

• Interest in growing into an IT / Security Operations leadership role

Compensation: This role offers a base salary of up to $155,000, depending on experience and qualifications, in addition to benefits.

At 9amHealth, you'll join the exciting environment of a startup with the stability of highly experienced founders that have successfully built a business from scratch. We foster a collaborative learning mindset and a passion for improvement. You'll work with a brand-new product alongside a small, flexible team of people eager to shape technology, infrastructure, and culture.

Our team members are spread across the globe, with physical sites in San Diego, California, and Vienna, Austria, but we value your culture regardless of where you work.

We offer a comprehensive benefits package, including health, dental, and vision insurance, along with flexible PTO and work from home options. We provide a professional development budget and support continuing education, empowering our team to grow alongside the company. Team members have the opportunity to make a meaningful impact on chronic disease management and patient outcomes while contributing to a collaborative, mission driven culture focused on improving healthcare accessibility and affordability.

Diabetes disproportionately impacts BIPOC (black, indigenous, and people of color) communities. We are committed to creating a workforce that reflects our patients and creating a positive healthcare experience for them. We welcome applications from people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and foreign born residents.