Associate Attorney, Compliance

About The Position

Requirements

• Juris Doctor (JD) from an accredited law school and admission (or ability to become admitted promptly) to practice law in at least one U.S. jurisdiction.
• Two to four years of experience in healthcare compliance, privacy, regulatory, or in-house legal support, or an equivalent combination of experience and training.
• Familiarity with healthcare regulatory frameworks, including HIPAA and related privacy and compliance requirements, is required.

Nice To Haves

• Strong written and verbal communication skills with the ability to turn complex requirements into clear, practical guidance.
• Highly organized with strong attention to detail and consistent follow-through.
• Ability to manage multiple priorities and exercise good judgment regarding escalation and risk.
• Collaborative working style and ability to build effective relationships across Compliance, Legal, Operations, Risk, and business teams.
• Interest in healthcare compliance and privacy and commitment to Marathon’s mission.
• Interest in professional development in privacy and compliance (e.g., IAPP or similar organizations) preferred.

Responsibilities

• Provide practical legal guidance on healthcare compliance and privacy matters, including HIPAA-related questions, internal policies, and operational workflows.
• Support compliance and privacy investigations and incident response activities, including documentation, analysis support, tracking, escalation, and remediation follow-through.
• Review and support routine compliance- and privacy-related agreements, including, business associate agreements, and data-sharing agreements, with appropriate attorney oversight.
• Partner with Compliance and Legal leadership to support vendor, third-party, and data-handling compliance processes and documentation.
• Support Compliance, Privacy, and GRC governance activities, including preparing agendas, drafting meeting minutes, tracking action items, and maintaining complete committee records.
• Assist with policy lifecycle management across Compliance and Privacy, including drafting support, updates, approvals, version control, attestations, and audit documentation.
• Support auditing and monitoring activities, including evidence collection, remediation tracking, and regulatory readiness initiatives such as HITRUST.
• Assist with regulatory and business obligation tracking, including licenses, registrations, and other compliance requirements as assigned.
• Support litigation tracking and insurance-related matters in coordination with Legal and Risk, including maintaining trackers and organizing documentation.
• Maintain organized, audit-ready compliance and privacy documentation and trackers to support internal and external reviews.
• Other duties as assigned.

Benefits

• FREE Marathon Health services for you and your family, which provides unlimited, free primary care, routine labs, select prescriptions, vaccinations, and virtual mental health care for you and your family
• Choice of 2 medical plans, 2 dental plans, and vision coverage
• Unlimited free mental health benefits and EAP resources
• Rewards for challenges and healthy lifestyle activities
• Family-building and reproductive health benefits
• Paid parental leave
• Generous PTO or FTO
• Paid Holidays + A Day for What Matters
• Company paid Basic Life and Disability insurance
• Supplemental Life
• Spending Accounts
• 401(k) with employer match and graded vesting
• Continuing Medical Education (CME) for maintaining and strengthening the knowledge, skills, and expertise of our health center teammates, as applicable