Compliance Specialist – FedRAMP, HITRUST

🕒 5 dias atrás

🌽 Illinois – Remoto

🌽 Illinois – Remote

💵 $120.000 - $150.000 / ano

⏰ Tempo Integral

🟡 Pleno

🟠 Sênior

🚔 Conformidade

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Jorie AI

SiteLinkedInTodas as Vagas

1001 - 5000 funcionários

🤖 Inteligência Artificial

⚕️ Seguro de Saúde

💳 Fintech

Artificial Intelligence • Healthcare Insurance • Fintech

Jorie AI é uma empresa que revoluciona as indústrias de saúde e finanças ao oferecer soluções avançadas impulsionadas por inteligência artificial. Especializada em gestão do ciclo de receita (RCM), a Jorie AI utiliza automação de processos robóticos e poderosas ferramentas de inteligência empresarial para otimizar operações financeiras e de saúde, aumentar a lucratividade e melhorar relatórios. Seus serviços incluem maximizar o rendimento operacional, gerenciar recursos e estruturar fluxos contínuos de dados críticos de pacientes e financeiros. A Jorie AI se concentra em fornecer soluções de automação personalizadas alinhadas aos objetivos dos clientes, melhorando os resultados dos pacientes, a satisfação dos médicos e as margens financeiras. A empresa é conhecida pelo uso inovador de IA na gestão de sinistros de saúde e consultoria do ciclo de receita, reduzindo significativamente ineficiências operacionais e melhorando o desempenho financeiro.

Descrição

• Support the implementation and maintenance of Jorie’s FedRAMP authorization program in alignment with agency and customer requirements. • Develop and maintain FedRAMP System Security Plans (SSP), POA&Ms, and supporting documentation. • Coordinate with internal IT and cloud engineering teams to ensure continuous compliance of systems within AWS, Azure, or other CSP environments. • Liaise with 3PAOs (Third-Party Assessment Organizations ) and government stakeholders during audits and assessments. • Ensure consistent control alignment between FedRAMP Moderate/High baselines, HITRUST CSF, and NIST 800-53 frameworks. • Maintain evidence documentation, control mapping, and compliance matrices for overlapping regulatory programs (HITRUST, SOC 2, HIPAA, PCI). • Participate in ongoing HITRUST recertification processes, including control review, evidence validation, and policy updates. • Collaborate with internal and external auditors (e.g., ISP) to ensure accurate reporting and compliance posture visibility. • Assist in continuous monitoring of security controls and remediation of POA&M items. • Conduct risk assessments for cloud systems, vendors, and new integrations impacting the FedRAMP boundary. • Coordinate vulnerability scans, incident response activities, and configuration management documentation in alignment with FedRAMP and HITRUST requirements. • Develop, update, and enforce policies related to data security, cloud compliance, and regulatory reporting. • Provide compliance guidance and training to engineering, DevOps, and IT personnel involved in the FedRAMP environment. • Support internal readiness reviews, gap assessments, and compliance roadmap initiatives.

🎯 Requisitos

• Bachelor’s degree in Information Security, Computer Science, Compliance, or related field required. • 3–6 years of experience in compliance, information security, or risk management. • At least 2 years of direct experience supporting FedRAMP programs or equivalent government compliance frameworks. • Hands-on experience with HITRUST CSF certification processes, evidence collection, and auditor coordination. • Experience working in cloud-based environments (AWS, Azure, or GCP) and familiarity with continuous monitoring tools (Splunk, Qualys, Nessus, etc.). • Background in healthcare, AI, or SaaS industries strongly preferred. • In-depth understanding of NIST 800-53, FedRAMP Moderate/High baselines, and HITRUST CSF control mapping. • Strong knowledge of HIPAA, HITRUST, SOC 2, and ISO 27001 standards. • Excellent documentation and writing skills — ability to produce and maintain formal compliance deliverables. • Strong analytical, organizational, and communication skills, with the ability to work across technical and non-technical teams. • FedRAMP (3PAO) Assessor or equivalent experience.