Compliance Specialist – FedRAMP, HITRUST

🕒 Yesterday

Jorie AI

1001 - 5000 employees

🤖 Artificial Intelligence

⚕️ Healthcare Insurance

💳 Fintech

Jorie AI is a company that revolutionizes the healthcare and finance industries by providing advanced AI-driven solutions. Specializing in revenue cycle management (RCM), Jorie AI leverages robotic process automation and powerful business intelligence tools to streamline financial and healthcare operations, increase profitability, and enhance reporting. Their services include maximizing operational output, managing resources, and structuring seamless flows of critical patient and financial data. Jorie AI focuses on delivering custom automation solutions tailored to clients' objectives to improve patient outcomes, physician satisfaction, and financial margins. The company is known for its innovative use of AI in healthcare claim management and revenue cycle consulting, significantly reducing operational inefficiencies and improving financial performance.

📋 Description

• Support the implementation and maintenance of Jorie’s FedRAMP authorization program in alignment with agency and customer requirements.
• Develop and maintain FedRAMP System Security Plans (SSP), POA&Ms, and supporting documentation.
• Coordinate with internal IT and cloud engineering teams to ensure continuous compliance of systems within AWS, Azure, or other CSP environments.
• Liaise with 3PAOs (Third-Party Assessment Organizations) and government stakeholders during audits and assessments.
• Ensure consistent control alignment between FedRAMP Moderate/High baselines, HITRUST CSF, and NIST 800-53 frameworks.
• Maintain evidence documentation, control mapping, and compliance matrices for overlapping regulatory programs (HITRUST, SOC 2, HIPAA, PCI).
• Participate in ongoing HITRUST recertification processes, including control review, evidence validation, and policy updates.
• Collaborate with internal and external auditors (e.g., ISP) to ensure accurate reporting and compliance posture visibility.
• Assist in continuous monitoring of security controls and remediation of POA&M items.
• Conduct risk assessments for cloud systems, vendors, and new integrations impacting the FedRAMP boundary.
• Coordinate vulnerability scans, incident response activities, and configuration management documentation in alignment with FedRAMP and HITRUST requirements.
• Develop, update, and enforce policies related to data security, cloud compliance, and regulatory reporting.
• Provide compliance guidance and training to engineering, DevOps, and IT personnel involved in the FedRAMP environment.
• Support internal readiness reviews, gap assessments, and compliance roadmap initiatives.

🎯 Requirements

• Bachelor’s degree in Information Security, Computer Science, Compliance, or related field required.
• 3–6 years of experience in compliance, information security, or risk management.
• At least 2 years of direct experience supporting FedRAMP programs or equivalent government compliance frameworks.
• Hands-on experience with HITRUST CSF certification processes, evidence collection, and auditor coordination.
• Experience working in cloud-based environments (AWS, Azure, or GCP) and familiarity with continuous monitoring tools (Splunk, Qualys, Nessus, etc.).
• Background in healthcare, AI, or SaaS industries strongly preferred.
• In-depth understanding of NIST 800-53, FedRAMP Moderate/High baselines, and HITRUST CSF control mapping.
• Strong knowledge of HIPAA, HITRUST, SOC 2, and ISO 27001 standards.
• Excellent documentation and writing skills — ability to produce and maintain formal compliance deliverables.
• Strong analytical, organizational, and communication skills, with the ability to work across technical and non-technical teams.
• FedRAMP (3PAO) Assessor or equivalent experience.
