Cybersecurity Advisor - Healthcare TPRM

We're looking for a contract Cybersecurity Advisor with hands-on experience working inside a U.S. hospital system or health system. This is a contract advisory role where you'll help shape our product and guide our clients on governance, risk, and compliance, with a focus on third-party risk management and vendor security review. You'll work directly with our founding team and early customers to provide practical, grounded advice on how health systems evaluate, onboard, and monitor technology vendors.

What You'll Do

• Advise Cortile and our clients on how hospital and health system security, privacy, and compliance teams assess software vendors in practice
• Provide guidance on third-party risk management (TPRM) workflows, frameworks, and common pain points from the buyer's perspective
• Help refine our product and processes to align with real-world GRC expectations in healthcare
• Consult with Cortile's clients on TPRM and vendor risk topics as needed
• Share insight on regulatory and compliance considerations relevant to health system IT procurement (HIPAA, HITRUST, SOC 2, etc.)

What We're Looking For

• Direct professional experience working at a U.S. hospital, hospital system, or health system in a role focused on cybersecurity, GRC, third-party risk management, vendor management, or enterprise risk management
• Specific experience establishing or running IT vendor review processes, or performing security, privacy, or compliance assessments of software vendors on behalf of a health system
• Familiarity with frameworks and standards common in healthcare IT (HIPAA, HITRUST CSF, NIST, SOC 2)
• Familiarity with how health systems handle BAAs, security questionnaires, and vendor onboarding documentation
• Strong communicator who can translate complex compliance requirements into practical guidance
• Established professional network within the healthcare IT industry, with the ability to make warm introductions to security, compliance, and procurement leaders at U.S. hospital and health systems

Nice to Have

• Experience evaluating AI or machine learning tools from a risk and compliance perspective
• Experience using or implementing vendor scorecard platforms like Blackkite, Bitsight Security Scorecard, or Upguard
• Experience using TPRM platforms like Optro (Auditboard) TPRM, ServiceNow GRC.TPRM, or OneTrust
• Experiencing using procure-to-pay platforms like GEP, Workday, or SAP Ariba, Zipor Oracle Fusion

Cortile, Inc. builds AI-powered security and compliance software for SaaS companies selling into regulated institutions. We help companies without dedicated security teams navigate complex compliance requirements and unblock enterprise sales cycles. Apply tot his job Apply To this Job