Compliance Specialist – FedRAMP & HITRUST

Posted 2 Days Ago
Hiring Remotely in Oak Brook, IL, USA
In-Office or Remote
Mid level
Artificial Intelligence • Healthtech • Information Technology • Software • Automation
The Role
Lead FedRAMP authorization and HITRUST alignment for cloud systems. Create and maintain SSPs, POA&Ms, control mappings, and evidence. Coordinate 3PAO audits, perform risk assessments, continuous monitoring, vulnerability coordination, policy development, and compliance training for engineering and IT teams.
Summary Generated by Built In

Jorie AI is transforming healthcare operations through intelligent automation, secure cloud solutions, and data-driven insights. As a Compliance Specialist – FedRAMP, you will play a key role in ensuring Jorie’s cloud infrastructure and services meet stringent federal security and compliance standards while maintaining alignment with existing HITRUST and HIPAA frameworks.

This position requires deep understanding of FedRAMP authorization processes, cloud security compliance, and the integration of HITRUST controls across multi-framework compliance programs. The ideal candidate is proactive, detail-oriented, and comfortable working cross-functionally with IT, security, and audit teams in a fast-paced technology environment.

Key Responsibilities

FedRAMP Compliance Oversight

  • Support the implementation and maintenance of Jorie’s FedRAMP authorization program in alignment with agency and customer requirements.
  • Develop and maintain FedRAMP System Security Plans (SSP), POA&Ms, and supporting documentation.
  • Coordinate with internal IT and cloud engineering teams to ensure continuous compliance of systems within AWS, Azure, or other CSP environments.
  • Liaise with 3PAOs (Third-Party Assessment Organizations) and government stakeholders during audits and assessments.

HITRUST and Multi-Framework Alignment

  • Ensure consistent control alignment between FedRAMP Moderate/High baselines, HITRUST CSF, and NIST 800-53 frameworks.
  • Maintain evidence documentation, control mapping, and compliance matrices for overlapping regulatory programs (HITRUST, SOC 2, HIPAA, PCI).
  • Participate in ongoing HITRUST recertification processes, including control review, evidence validation, and policy updates.
  • Collaborate with internal and external auditors (e.g., ISP) to ensure accurate reporting and compliance posture visibility.

Risk Management & Continuous Monitoring

  • Assist in continuous monitoring of security controls and remediation of POA&M items.
  • Conduct risk assessments for cloud systems, vendors, and new integrations impacting the FedRAMP boundary.
  • Coordinate vulnerability scans, incident response activities, and configuration management documentation in alignment with FedRAMP and HITRUST requirements.

Policy, Documentation, and Training

  • Develop, update, and enforce policies related to data security, cloud compliance, and regulatory reporting.
  • Provide compliance guidance and training to engineering, DevOps, and IT personnel involved in the FedRAMP environment.
  • Support internal readiness reviews, gap assessments, and compliance roadmap initiatives.

Qualifications

Education

  • Bachelor’s degree in Information Security, Computer Science, Compliance, or related field required.

Experience

  • 3–6 years of experience in compliance, information security, or risk management.
  • At least 2 years of direct experience supporting FedRAMP programs or equivalent government compliance frameworks.
  • Hands-on experience with HITRUST CSF certification processes, evidence collection, and auditor coordination.
  • Experience working in cloud-based environments (AWS, Azure, or GCP) and familiarity with continuous monitoring tools (Splunk, Qualys, Nessus, etc.).
  • Background in healthcare, AI, or SaaS industries strongly preferred.

Skills & Competencies

  • In-depth understanding of NIST 800-53, FedRAMP Moderate/High baselines, and HITRUST CSF control mapping.
  • Strong knowledge of HIPAA, HITRUST, SOC 2, and ISO 27001 standards.
  • Excellent documentation and writing skills — ability to produce and maintain formal compliance deliverables.
  • Strong analytical, organizational, and communication skills, with the ability to work across technical and non-technical teams.
  • FedRAMP (3PAO) Assessor or equivalent experience

Preferred Certifications

  • HITRUST Certified CSF Practitioner (CCSFP) – required
  • Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC) – preferred
  • Certified Information Systems Security Professional (CISSP) – a plus
  • Security+ or CCSP (Certified Cloud Security Professional)

Skills Required

  • Bachelor's degree in Information Security, Computer Science, Compliance, or related field
  • 3-6 years experience in compliance, information security, or risk management
  • At least 2 years direct experience supporting FedRAMP programs or equivalent government compliance frameworks
  • Hands-on experience with HITRUST CSF certification processes, evidence collection, and auditor coordination
  • Experience working in cloud-based environments (AWS, Azure, or GCP) and familiarity with continuous monitoring tools (Splunk, Qualys, Nessus)
  • In-depth understanding of NIST 800-53, FedRAMP Moderate/High baselines, and HITRUST CSF control mapping
  • FedRAMP (3PAO) Assessor or equivalent experience
  • Excellent documentation and writing skills for formal compliance deliverables
  • HITRUST Certified CSF Practitioner (CCSFP)
  • Certified Information Systems Auditor (CISA) or CRISC
  • CISSP
  • Security+ or CCSP
  • Background in healthcare, AI, or SaaS industries

Jorie AI Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Jorie AI and has not been reviewed or approved by Jorie AI.

  • Fair & Transparent Compensation: Pay is considered competitive in certain technical roles, with employer-posted engineering ranges in Oak Brook, IL and feedback suggesting strong pay for some positions. Published salary bands for specific openings provide added clarity.
  • Healthcare Strength: Benefits information highlights multiple Blue Cross Blue Shield medical options alongside dental, vision, life insurance, and short- and long-term disability. This breadth indicates robust core health coverage.
  • Retirement Support: A 401(k) with company match is advertised as part of the package. This signals employer support for long-term financial security.

The Company
HQ: Oak Brook, Illinois
956 Employees
Year Founded: 2015

What We Do

Ready to embrace the future of healthcare finance? Discover Jorie, where advanced AI technology harmoniously merges FinTech and HealthTech, revolutionizing your financial processes. Utilizing Robotic Process Automation (RPA) and sharp analytics, we deliver cost-effective solutions, amplifying profitability and scalability. Our AI drastically cuts collection costs, boosts revenue, and mitigates bad debt write-offs, all while ensuring smooth operations and informed decision-making. Jorie is more than a service; it's a partnership committed to achieving your financial aspirations, navigating the complexities of healthcare finances with a robust, efficient, and forward-thinking strategic approach.
