Hitrust Auditor Jobs (NOW HIRING)

OR

$80K - $99K/yr

... 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks. We're not your ... CISA, CISSP, ISO 27001 Lead Auditor, or PCI QSA Privacy Notice CCPA : * Insight Assurance shares ...

Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number ...

OR · On-site


... HITRUST). * Experience with Cloudflare, Burp Suite, Metasploit preferred. * Experience deploying and auditing Microsoft Mobile Device Management (Intune). * Strong core competencies in detail ...

Support SOC 2, HITRUST, and other frameworks. * Complete customer security questionnaires, RFPs ... auditors. * Provide technical support during customer security reviews and sales processes.


Security Manager II - GRC

Tampa, FL · On-site

$145K - $160K/yr

... auditor liaising, and remediation tracking. · Own HIPAA Security Rule and Privacy Rule compliance programs, including risk analysis, workforce training, and BAA management. · Lead HITRUST CSF ...


Hitrust Auditor information

$38.5K

$92.8K

$151K

How much do HITRUST auditor jobs pay per year?

As of Jun 5, 2026, the average yearly pay for a HITRUST auditor in the United States is $92,797.00, according to ZipRecruiter salary data. Most workers in this role earn between $72,000.00 and $112,000.00 per year, depending on experience, location, and employer.

What is the difference between Hitrust Auditor vs SOC Auditor?

| Aspect | Hitrust Auditor | SOC Auditor |
| --- | --- | --- |
| Certifications | HITRUST CSF Assessor, Certified Information Systems Auditor (CISA) | SOC 1, SOC 2, CISA |
| Work Environment | Healthcare, health information organizations | Various industries including healthcare, finance, tech |
| Employer & Industry Usage | Healthcare providers, health plans, vendors | Organizations requiring compliance reports |
| Search & Comparison Intent | Understanding HITRUST compliance assessments | Evaluating controls via SOC reports |

The Hitrust Auditor primarily focuses on assessing healthcare organizations' compliance with the HITRUST CSF, while the SOC Auditor evaluates controls across various industries through SOC reports. Both roles require similar certifications like CISA and involve compliance and risk assessment, but they serve different regulatory frameworks and industry needs.

Infographic showing various Hitrust Auditor job openings in the United States as of May 2026, with employment types broken down into 60% Full Time and 40% Contract. Highlights a 100% In-person job distribution, with an average salary of $92,797 per year, or $44.6 per hour.

Senior Security Engineer - Compliance and Risk

K Health

New York, NY • Hybrid

Other

Medical, Dental, Vision, Retirement, PTO

Posted 25 days ago


Job description

About the role: 

We are seeking a detail-oriented, proactive Security Compliance Engineer to join our Security team. 

In this role, you will not just check boxes; you will own the governance and compliance lifecycle for critical security programs and, in many cases, be actively involved in implementation and remediation. You will ensure that our vulnerability management, privacy, data retention, and business continuity efforts meet the rigorous standards of SOC 2, HIPAA, and HITRUST, protecting our sensitive healthcare data and maintaining trust with our partners.

This role requires onsite presence in our New York City office 4 days a week and does not provide immigration support. 

What you will do:

Vulnerability Management Governance

  • Oversee the compliance aspect of the vulnerability management program, ensuring scans and remediation efforts adhere to SLAs.
  • Track and report on remediation timelines to ensure evidence is audit-ready.
  • Collaborate with engineering and IT teams to validate that exceptions are documented, risk-accepted, and reviewed periodically.
  • Manage and handle "tracking technologies" to comply with partner requirements

Privacy & Data Governance

  • Manage adherence to internal privacy policies and external regulations (HIPAA, State Laws, CCPA).
  • Manage adherence to partner-specific health system requirements
  • Monitor data retention schedules to ensure data is stored, archived, and purged in accordance with policy and legal requirements.
  • Conduct periodic privacy impact assessments (PIAs) for new products or features.

Disaster Recovery (DR) & Business Continuity (BCP)

  • Coordinate annual or bi-annual DR/BCP table-top exercises and technical tests.
  • Maintain and update DR/BCP documentation, ensuring contact lists and recovery procedures are current.
  • Review post-mortem reports from tests to ensure continuous improvement and compliance with availability trust principles.

Audit & Framework Management (SOC 2 & HITRUST)

  • Serve as a primary point of contact for external auditors during SOC 2 and HITRUST assessments.
  • Collect, organize, and review evidence on the controls for the programs above.
  • Identify compliance gaps and drive remediation projects before external audits begin.

AI/ML in healthcare and emerging federal and state AI regulations

What we're looking for: 
  • Experience: 3-5+ years of experience in Information Security, Governance, Risk, Vulnerability Management, Compliance (GRC), or IT Audit.
  • Program Management: Proven experience managing specific compliance verticals like vulnerability management or business continuity.
  • Communication: Ability to translate compliance requirements into actionable technical tasks for engineering teams.
  • Organization: Exceptional documentation skills; you understand that "if it isn't written down, it didn't happen."
  • Influence: Ability to drive consensus and compliance across teams without direct management authority.

Benefits & Perks:

  • Hybrid work schedule with weekly lunches and stocked fridges 
  • Monthly social committees for company events
  • 18 vacation days, 9 company holidays, 5 sick days, and 2 personal days 
  • Stock options for every full-time employee 
  • Paid parental leave
  • 401k benefit
  • Commuter Benefits 
  • Competitive health, dental, and vision insurance options