Jorie AI Logo

Jorie AI

Compliance Specialist – FedRAMP & HITRUST

Posted 3 Days Ago
Be an Early Applicant
In-Office or Remote
Hiring Remotely in Oak Brook, IL
Mid level
In-Office or Remote
Hiring Remotely in Oak Brook, IL
Mid level
The Compliance Specialist ensures compliance with FedRAMP and HITRUST standards, manages security documentation, and collaborates with internal teams for audits and risk assessments.
The summary above was generated by AI

Position Summary

Jorie AI is transforming healthcare operations through intelligent automation, secure cloud solutions, and data-driven insights. As a Compliance Specialist – FedRAMP, you will play a key role in ensuring Jorie’s cloud infrastructure and services meet stringent federal security and compliance standards while maintaining alignment with existing HITRUST and HIPAA
frameworks.

This position requires deep understanding of FedRAMP authorization processes, cloud security compliance, and the integration of HITRUST controls across multi-framework compliance programs. The ideal candidate is proactive, detail-oriented, and comfortable working cross-functionally with IT, security, and audit teams in a fast-paced technology environment.

Key Responsibilities

FedRAMP Compliance Oversight

  • Support the implementation and maintenance of Jorie’s FedRAMP authorization program in alignment with agency and customer requirements.
  • Develop and maintain FedRAMP System Security Plans (SSP), POA&Ms, and supporting documentation.
  • Coordinate with internal IT and cloud engineering teams to ensure continuous compliance of systems within AWS, Azure, or other CSP environments.
  • Liaise with 3PAOs (Third-Party Assessment Organizations) and government stakeholders during audits and assessments.

HITRUST and Multi-Framework Alignment

  • Ensure consistent control alignment between FedRAMP Moderate/High baselines, HITRUST CSF, and NIST 800-53 frameworks.
  • Maintain evidence documentation, control mapping, and compliance matrices for overlapping regulatory programs (HITRUST, SOC 2, HIPAA, PCI).
  • Participate in ongoing HITRUST recertification processes, including control review, evidence validation, and policy updates.
  • Collaborate with internal and external auditors (e.g., ISP) to ensure accurate reporting and compliance posture visibility.

Risk Management & Continuous Monitoring

  • Assist in continuous monitoring of security controls and remediation of POA&M items.
  • Conduct risk assessments for cloud systems, vendors, and new integrations impacting the FedRAMP boundary.
  • Coordinate vulnerability scans, incident response activities, and configuration management documentation in alignment with FedRAMP and HITRUST requirements.

Policy, Documentation, and Training

  • Develop, update, and enforce policies related to data security, cloud compliance, and regulatory reporting.
  • Provide compliance guidance and training to engineering, DevOps, and IT personnel involved in the FedRAMP environment.
  • Support internal readiness reviews, gap assessments, and compliance roadmap initiatives.

Qualifications

Education

  • Bachelor’s degree in Information Security, Computer Science, Compliance, or related field required.

Experience

  • 3–6 years of experience in compliance, information security, or risk management.
  • At least 2 years of direct experience supporting FedRAMP programs or equivalent government compliance frameworks.
  • Hands-on experience with HITRUST CSF certification processes, evidence collection, and auditor coordination.
  • Experience working in cloud-based environments (AWS, Azure, or GCP) and familiarity with continuous monitoring tools (Splunk, Qualys, Nessus, etc.).
  • Background in healthcare, AI, or SaaS industries strongly preferred.

Skills & Competencies

  • In-depth understanding of NIST 800-53, FedRAMP Moderate/High baselines, and HITRUST CSF control mapping.
  • Strong knowledge of HIPAA, HITRUST, SOC 2, and ISO 27001 standards.
  • Excellent documentation and writing skills — ability to produce and maintain formal compliance deliverables (SSPs, POA&Ms, risk assessments).
  • Strong analytical, organizational, and communication skills, with the ability to work across technical and non-technical teams.

Preferred Certifications

  • HITRUST Certified CSF Practitioner (CCSFP) – required
  • Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC) – preferred
  • Certified Information Systems Security Professional (CISSP) – a plus
  • FedRAMP (3PAO) Assessor or equivalent experience
  • Security+ or CCSP (Certified Cloud Security Professional)

Top Skills

AWS
Azure
GCP
Nessus
Qualys
Splunk

Similar Jobs

SharkNinja Logo
SharkNinja

Quality Engineer

A Minute Ago
Remote
United States
71K-115K Annually
Junior
71K-115K Annually
Junior
Beauty • Robotics • Design • Appliances • Manufacturing
The Quality Engineer will drive product and process quality improvements, analyze customer feedback, collaborate with cross-functional teams, and ensure quality standards are met throughout product development. Responsibilities include root cause analysis, corrective actions, and enhancing user experience.
Top Skills: MS OfficeSharepoint
Corporate Tools LLC Logo
Corporate Tools LLC

Government Relations Manager

A Minute Ago
Remote or Hybrid
2 Locations
150K-150K Annually
Senior level
150K-150K Annually
Senior level
eCommerce • Legal Tech • Professional Services • Software • Data Privacy
Manage relations with numerous government agencies, direct lobbyists, and develop strategies for effective government cooperation.
Crunchtime Logo
Crunchtime

Business Development Representative

3 Minutes Ago
Easy Apply
Remote
US
Easy Apply
45K-55K Annually
Junior
45K-55K Annually
Junior
Artificial Intelligence • Food • Information Technology • Software • Business Intelligence • Hospitality • Automation
The BDR will generate interest in Crunchtime's products through cold calling, lead follow-ups, and using social selling techniques to set meetings for Account Executives. The role involves consulting with restaurant leaders, leveraging sales tools, and achieving sales quotas.
Top Skills: GongGong EngageLinkedInSalesforceSalesnavZoominfo

What you need to know about the Los Angeles Tech Scene

Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.

Key Facts About Los Angeles Tech

  • Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
  • Key Industries: Artificial intelligence, adtech, media, software, game development
  • Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
  • Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account