At a Glance
- Tasks: Lead the design and operation of HIPAA compliance and security controls for a top health app.
- Company: Join Flo, the world’s #1 health & fitness app with over 77M monthly users.
- Benefits: Competitive salary, flexible working, paid sabbaticals, and enhanced parental leave.
- Why this job: Make a real impact on female health while working with cutting-edge technology.
- Qualifications: 7+ years in security/compliance, with strong knowledge of SOC 2 and HIPAA frameworks.
- Other info: Dynamic team culture focused on innovation, ownership, and professional growth.
The predicted salary is between £48,000 and £72,000 per year.
500M+ downloads. 77M+ monthly users. A decade of building – and we’re still accelerating. Flo is the world’s #1 health & fitness app, on a mission to build a better future for female health. Backed by a $200M investment led by General Atlantic, we became the first product of our kind to reach a $1B valuation in 2024 – and we’re not slowing down. With 6M paid subscribers and the highest-rated experience in the App Store’s health category, we’ve spent 10 years earning trust at scale. Now, we’re building the next generation of digital health – AI-powered, privacy-first, clinically backed – to help our users know their body better.
As a key member of Flo’s Security Architecture team, you will lead the design and operation of our US Healthcare security controls. You will own the roadmap for HIPAA compliance and SOC 2 Type II certification, partnering with Engineering and Legal to build a secure, compliant platform for millions of users.
Key Responsibilities
- Compliance Leadership: Lead annual SOC 2 and HIPAA certifications, managing interfaces with external auditors and professional services.
- Policy & Risk: Define and maintain security policies; embed risk assessment activities within engineering processes and vendor management.
- Operational Excellence: Partner with control owners to automate evidence gathering and ensure controls reduce friction rather than creating it.
- Stakeholder Management: Serve as the primary Security POC for US regulators and partners; support the wider Security team with ISO 27001/27701 alignment.
- Tooling: Manage and integrate GRC platforms to streamline compliance monitoring and reporting.
- Experience: 7+ years in security/compliance (3+ in leadership), with a Bachelor’s degree in a related field.
- Core Skills: Deep expertise in SOC 2 and HIPAA frameworks within a Cloud-based SaaS environment.
- Technical Knowledge: Familiarity with PHI handling, GRC platforms, and compliance automation.
- Soft Skills: Strong ability to translate complex compliance requirements into clear actions for engineering teams.
- Preferred: CISA/CISSP certifications; experience with NIST, HiTrust, Docker/Kubernetes, and DevSecOps.
We’re a mission‑led, product‑driven team. We move fast, stay focused and take ownership – from brief to build to impact. Debate is encouraged. Decisions are shared. We care about craft, ship with purpose, and always raise the bar. You’ll be working with people who take their work seriously, not themselves. It takes commitment, resilience, and the drive to keep going when things get tough. Because better health outcomes are worth it.
What you’ll get
- Competitive salary and annual reviews
- Opportunity to participate in Flo’s performance incentive scheme
- Paid holiday, sick leave, and female health leave
- Enhanced parental leave and pay for maternity, paternity, same‑sex and adoptive parents
- Accelerated professional growth through world-changing work and learning support
- Flexible office + home working, up to 2 months a year working abroad
- 5‑week fully paid sabbatical at 5‑year Floversary
- Flo Premium for friends & family, plus more health, pension and wellbeing perks
Our strength is in our differences. At Flo, hiring is based on merit, skill and what you bring to the role – nothing else. We’re proud to be an equal opportunity employer, and we welcome applicants from all backgrounds, communities and identities.
Lead Security Specialist (HIPAA) in London employer: Flo Health Inc.
Contact Detail:
Flo Health Inc. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Lead Security Specialist (HIPAA) in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their mission and values, especially how they relate to health and compliance. This will help you tailor your answers and show that you're genuinely interested in being part of the team.
✨Tip Number 3
Practice common interview questions, but also be ready for scenario-based questions specific to security and compliance. Think about how you would handle real-life situations related to HIPAA and SOC 2 – this will showcase your expertise.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining Flo and contributing to our mission of better female health.
Some tips for your application 🫡
Show Your Passion for Health Tech: When writing your application, let us know why you're excited about working in the health tech space. Share your thoughts on how security plays a crucial role in enhancing user trust and safety, especially in a product like Flo that focuses on female health.
Highlight Relevant Experience: Make sure to detail your experience with SOC 2 and HIPAA frameworks. We want to see how your past roles have prepared you for leading compliance efforts at Flo, so don’t hold back on showcasing your achievements!
Be Clear and Concise: We appreciate straightforward communication. When describing your skills and experiences, keep it clear and to the point. Use bullet points if it helps make your application easier to read – we love a well-organised submission!
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen to join our team at Flo!
How to prepare for a job interview at Flo Health Inc.
✨Know Your Compliance Stuff
Make sure you brush up on SOC 2 and HIPAA frameworks. Be ready to discuss how you've applied these in previous roles, especially in a Cloud-based SaaS environment. This shows you’re not just familiar with the terms but can actually implement them.
✨Showcase Your Leadership Skills
As a Lead Security Specialist, you'll need to demonstrate your leadership experience. Prepare examples of how you've led compliance initiatives or managed teams in the past. Highlight your ability to translate complex requirements into actionable steps for engineering teams.
✨Understand the Company’s Mission
Flo is all about building a better future for female health. Familiarise yourself with their mission and values. During the interview, connect your experience and passion for security with their goals to show you’re a great cultural fit.
✨Prepare for Stakeholder Scenarios
Think about how you would handle interactions with US regulators and partners. Prepare scenarios where you've successfully managed stakeholder relationships or navigated compliance challenges. This will demonstrate your readiness for the role's responsibilities.