Solarity · 8 hours ago
IT Risk and Compliance Analyst
Solarity is a company that improves the accuracy, accessibility, and interoperability of electronic medical records through innovative technology. The IT Risk and Compliance Analyst will support risk management and compliance efforts, focusing on HITRUST and SOC 2 audit initiatives, ensuring continuous compliance with relevant standards and protecting client data.
Health Care, Medical, Software
Responsibilities
Participate in all phases of HITRUST and SOC 2 audits, including readiness assessments, evidence collection, remediation tracking, and certification maintenance
Translate audit and compliance requirements into technical controls and identify appropriate tools and evidence sources
Conduct technical risk assessments and control testing to evaluate compliance with internal policies and external standards
Coordinate internal and external audits with IT process owners and stakeholders, ensuring timely and accurate responses to auditor requests
Monitor the risk and control environment for emerging threats and evolving compliance requirements; recommend and implement control enhancements
Identify and implement process improvements to mature IT compliance practices, including automation and optimization opportunities
Educate and train control and process owners on compliance responsibilities and foster a culture of security and accountability
Guide departments in implementing and maintaining security controls aligned with HITRUST, SOC 2, and HIPAA
Support third-party risk management and business continuity planning activities
Maintain and update policies, standards, and guidelines to reflect current compliance requirements
Provide support for vulnerability management, incident management, and incident response as needed
Comply with Solarity’s policies, procedures and guidelines
May be required to perform other related Information Security duties as assigned
Qualifications
Required
Bachelor's degree in Information Security, Computer Science, Information Systems, or equivalent experience
2 to 4 years of experience in IT Compliance, Audit, Risk Management, or related fields
Demonstrated experience with HITRUST and SOC 2 audits, including evidence collection, remediation, and certification maintenance
Strong knowledge of HITRUST CSF, SOC 2 (SSAE 18), HIPAA, and familiarity with NIST, CIS and ISO 27001 frameworks
Experience conducting technical risk assessments and recommending mitigation strategies
Proven experience implementing and managing security and compliance technologies and frameworks, including Data Loss Prevention (DLP), Privileged Access Management (PAM), Identity and Access Management (IAM), Role-Based Access Control (RBAC), and Governance, Risk, and Compliance (GRC) processes
Experience in healthcare or other highly regulated industries, particularly in HIPAA Business Associate environments
Strong collaboration skills with executives, technical SMEs, and auditors
Proficiency in evaluating and documenting IT processes, controls, and audit evidence
Strong project management, organizational, and communication skills
Technical aptitude to understand IT systems, security tools, and evidence generation processes
Fluency in English required
Preferred
Preferred Certifications: CISA, CRISC, CCSFP (or ability to obtain within 1 year)
Company
Solarity
Solarity provides the healthcare industry with an automated medical record indexing solution.
Funding
Current Stage: Growth Stage
Total Funding: unknown
Key Investors: TA Associates
2024-06-04: Private Equity
2019-11-05: Acquired
Recent News
Business News Americas
2025-08-27
Company data provided by crunchbase