Hitrust Jobs in California (NOW HIRING)

... HITRUST) -- designed evidence collection, mapped controls, ran the auditor relationship, and made the next cycle materially easier than the last. • Software engineering background. Can read a pull ...

Senior Compliance Engineer

San Diego, CA · On-site

$110K - $152K/yr

At least 3-5 years of experience in audits with criteria such as ISO 13485, EU MDR, MDSAP, HDS, SOC2, HITRUST and other regulatory frameworks. * Proficiency in producing technical analysis/reports ...

ISO 27001 / HITRUST (if applicable) Education & Experience * Bachelor's or Master's degree in Computer Science, Engineering, or a related field. * 10+ years of experience in embedded software ...

Experience with HIPAA, HITRUST, SOC1,2,3, SOX, NIST 800-53/CSF, or other relevant frameworks * Notable cloud security experience * Outstanding written and spoken communication skills, interpersonal ...

Experience in healthcare, dental, or a similarly regulated enterprise environment with awareness of HIPAA Privacy and Security Rules and HITRUST CSF requirements. * Familiarity with AI-augmented ...

Familiarity with healthcare security and privacy frameworks (HIPAA, HiTrust). * Experience with infrastructure-as-code (Terraform, CDK). * Experience integrating third-party APIs or building event ...

Hitrust information

California salary chart (values as shown): $70K, $119.9K, $177.7K

How much do HITRUST jobs pay per year?

As of Jun 9, 2026, the average yearly pay for HITRUST jobs in California is $119,851.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,474.00 and $143,457.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in a HITRUST position, and why are they important?

To thrive in a HITRUST professional role, you need a robust understanding of information security, healthcare compliance, and risk assessment, typically supported by a relevant degree or certifications such as HITRUST Certified CSF Practitioner (CCSFP). Proficiency with regulatory frameworks like HIPAA, GRC tools, and HITRUST’s MyCSF platform is crucial. Strong attention to detail, analytical thinking, and effective communication are key soft skills for working with cross-functional teams and translating complex requirements. These skills enable professionals to ensure organizational compliance, manage complex security assessments, and foster trust in healthcare data protection programs.

What typical responsibilities can I expect as a HITRUST professional in a healthcare organization?

As a HITRUST professional, you will be responsible for guiding organizations through the HITRUST CSF certification process, conducting comprehensive risk and gap assessments, and creating remediation plans to address compliance issues. Your work will often involve collaborating with IT, compliance, and executive teams to implement policies, improve security controls, and ensure adherence to industry standards like HIPAA and HITECH. You can also expect to manage regular audits, prepare documentation, and educate staff on emerging security requirements. This role plays a key part in maintaining regulatory compliance and safeguarding sensitive patient data.

What is a HITRUST job?

A HITRUST job typically involves working with the HITRUST Common Security Framework (CSF) to help organizations achieve and maintain regulatory compliance, data security, and risk management. Professionals in this role may conduct risk assessments, implement security controls, and guide organizations through the HITRUST certification process. Common job titles include HITRUST Consultant, Compliance Analyst, and Security Auditor. These roles require expertise in cybersecurity, regulatory frameworks, and industry best practices.

Infographic: HITRUST job openings in California as of June 2026. Employment types: 74% full-time, 26% contract. Work arrangement: 78% in-person, 4% hybrid, 18% remote. Average salary: $119,851 per year, or $57.6 per hour.

Head of IT & Security

NexHealth

San Francisco, CA • On-site

Full-time

Posted 24 days ago


Job description

Job Summary:
NexHealth is a technology company building infrastructure that's reshaping how patient data moves and how the HealthTech ecosystem connects. We're looking for a Security Lead to own our security governance, compliance, IT operations, vendor security, and incident response — establishing the function, embedding strong practices, and partnering closely with engineering, legal, and leadership.
Responsibilities:
• Own NexHealth's security governance, compliance, and IT programs end-to-end.
• Serve as named Information Security Officer and Privacy Officer for SOC 2 and HIPAA — own the policy manual (40+ documents), audit liaison relationship with A-LIGN, control mapping across overlapping regimes, and evidence collection pipelines.
• Set security standards across application security, vulnerability management, cloud security (AWS), audit logging, and access controls — driving the technical program through Engineering via influence, not direct authority.
• Build, hire, and develop the IT and workforce security program: endpoints, identity, SaaS administration, phishing simulations, role-specific training modules, and facilities security.
• Own vendor security: intake, classification, assessment, BAA execution, ongoing oversight, and customer-facing trust artifacts including Trust Center and subprocessor disclosure.
• Lead incident response in Officer capacity; partner with outside counsel on breach determinations, own IR tracking, and run annual tabletop exercises.
• Own the risk register, risk acceptance decisions, privacy operations (DSARs, data subject rights, privacy complaints), BC/DR plan, and cyber insurance relationship.
• Hire a Staff-level IT IC within year one and grow the function from there.
Qualifications:
Required:
• 8+ years of relevant security experience, including 3+ years in a security leadership role where you were materially building the program, not maintaining it.
• Has built (not inherited) a security program from a near-zero baseline at least once.
• Has owned a recurring external audit cycle end-to-end (e.g., SOC 2, ISO, PCI, HITRUST) — designed evidence collection, mapped controls, ran the auditor relationship, and made the next cycle materially easier than the last.
• Software engineering background. Can read a pull request, evaluate cloud configurations, and push back on Engineering with technical substance.
• Experience hiring and developing senior security or IT individual contributors.
• Hands-on experience with security tools and technologies such as SIEM, MDR, IDS/IPS, WAF, DLP, and vulnerability scanners.
• You've reshaped how a company engages with auditors, regulators, or customer security teams — moved questionnaires to Trust Centers, audits from manual to automated, or vendor reviews from one-off projects to continuous programs.
• You drive sustained operational change in functions you don't manage.
• You treat engineering velocity as a security input. Slow shipping creates security risk too.
• You can frame risk for a Board-level audience and for an engineering audience in the same week.
• First-principles thinker.
• Writes. NexHealth runs on documents; verbal-first operators struggle here.
• Comfortable being the ranking voice on policy and risk.
Company:
NexHealth is a real-time patient booking platform for people, their doctors, and healthcare developers. Founded in 2016, the company is headquartered in San Francisco, USA, with a team of 201-500 employees. The company is currently at the growth stage.