About Origin Medical Research Lab

Origin Medical Research Lab is the research arm of Origin Medical. Here, we strive to bring together the best and brightest minds at the intersection of AI and healthcare to fulfill Origin Medical’s mission.

By combining the knowledge of healthcare and AI, it is on a journey to build state-of-the-art solutions aimed at supporting a broad spectrum of healthcare providers in rural and urban communities, allowing them to practice at the top of their licenses. With AI in the imaging workflow, clinicians can more confidently deliver timely interventions, enhance pregnancy outcomes, identify high-risk pregnancies to reduce maternal mortality, and significantly lower infant mortality rates.

Origin Medical, headquartered in Cambridge, Massachusetts, USA, is driven by a mission to advance maternal health equity by improving access to quality prenatal care with artificial intelligence.

About the GRC Team and the Role

The GRC team is responsible for building and maintaining the company’s overall governance, risk, and compliance framework, ensuring our AI healthcare products meet security, privacy, and regulatory expectations across markets.

As a Compliance & Risk Analyst Intern, you will work directly with this team to support day‑to‑day compliance operations, help prepare for audits, map global requirements that impact commercialisation, and lay the groundwork for certifications like HIPAA, ISO 27001, and SOC 2, with a clear path to grow into a full-time GRC/Compliance Analyst role.

What will you do

• Map global security, privacy, and compliance requirements.
• Identify and document market compliance barriers and gaps.
• Maintain enterprise data inventory, including PHI/ePHI flows.
• Maintain internal repositories for cybersecurity and compliance documentation.
• Support the design and implementation of security and privacy controls and processes.
• Assist in preparing for and supporting external audits and assessments (e.g., HIPAA, ISO 27001, GDPR, SOC 2).
• Track and help remediate control gaps, issues, and policy exceptions.
• Support the development and monitoring of security and compliance metrics for leadership.
• Perform or assist with security and third‑party risk assessments and documentation.
• Review supplier contracts for security and privacy clauses; suggest required improvements.
• Maintain vendor risk inventories, including suppliers, controls, and associated risks.
• Support security awareness, culture initiatives, and related training activities.
• Assist in incident analysis, investigations, support, and related documentation activities.

Who are we looking for

Required qualifications

• Final-year student or recent graduate, 0–1 year experience.
• Degree in CS, IT, Information Systems, Cybersecurity, Business, or related fields.
• Strong written and verbal English communication skills.
• Comfortable with documentation, spreadsheets, and structured work.
• Understanding of security and privacy fundamentals.
• Demonstrated interest in GRC, cybersecurity, or healthcare regulations.

Preferred / Good to have

• Internship or project experience in security or compliance.
• Experience with Jira, Notion, Confluence, or similar tools.
• Certifications or specific training in security risk management and IT controls frameworks, such as ISO 27001, ISO 27701, NIST CSF, and 800-53.
• Knowledge of regulatory compliances such as ISO 27001, SOC2, HIPAA, and HITRUST.
• Strong knowledge of Python/Scripting.
• Familiarity with AI/ML and healthcare data use.

Working at Origin Medical Research Lab

• You will receive training, along with continuous guidance and mentorship from team members. Additionally, you’ll receive guidance and support from the founders in your career goals, helping you to develop your skills and build your professional network.
• You will be given the opportunity to work with renowned clinicians, AI scientists, and business leaders from around the world.
• Get a head start in unlocking the power of your leadership DNA. Discover your strengths as you take on challenges that will prepare you for leading the way in making a difference.
• You will receive an industry-standard monthly stipend, and promising candidates will be given a conditional full-time job offer at the end of three months.

This job posting is valid only on our official LinkedIn page, the mentioned URL, and authorised platforms such as Naukri. We are not responsible for any job postings or advertisements on third-party sites not listed above.

Please note that our company does not charge any fees for internships or job applications. Any such requests for payment should be considered fraudulent. We strongly advise you to report any suspicious activity involving our name to the appropriate authorities.

Any unauthorised use of our job postings, company information, or data by third parties for their business activities is strictly prohibited. Such actions may be in violation of the Information Technology Act and will be subject to legal penalties under applicable laws.

The information provided in this job posting outlines the general nature of the role. It is not an exhaustive list of responsibilities, duties, or skills required. The company reserves the right to make changes to this description at any time based on business needs.

Our company is an Equal Opportunity Employer, and we do not discriminate based on race, colour, religion, gender, national origin, age, disability, sexual orientation, or any other status protected under federal, state, or local laws.