We are seeking a detail-oriented Risk Compliance Officer to ensure continuous compliance with HIPAA, SOC 2, GDPR, and ISO standards through rigorous documentation control, regular compliance checks, and audit-readiness activities.
Job Description
This is a remote position.
We are seeking a highly detail-oriented and methodical Risk Compliance Officer whose primary function is to develop and ensure continuous compliance with one or more of the following: HIPAA, SOC 2, GDPR, and/or applicable ISO standards, through rigorous documentation control, regular compliance checks, and audit-readiness activities. Supporting security policies and broader compliance initiatives are secondary responsibilities and are performed only as they relate to certification upkeep.
This role is primarily responsible for creating, maintaining, reviewing, updating, and validating compliance documentation, performing regular checks against certification requirements, and ensuring that policies, procedures, and records remain accurate, current, and audit-ready at all times.
The role does not perform technical security implementation but directs Infrastructure and Engineering teams on required security and control measures necessary to meet certification requirements, validates their implementation, and requires corrective action when gaps are identified. Supporting security policies and broader compliance initiatives are performed strictly in service of certification compliance.
Key Responsibilities:
Compliance Maintenance & Certification Oversight
- Ensure ongoing compliance with regulatory requirements, which may include one or more of the following standards: HIPAA, GDPR, SOC 2, and/or applicable ISO standards (e.g., ISO 27001).
- Perform regular compliance checks to confirm that documented controls, policies, and procedures remain aligned with certification requirements.
- Track certification obligations, review cycles, and required updates to ensure no compliance gaps occur over time.
Documentation Control & Quality Management
- Help create and maintain compliance-related documentation, including published policies, procedures, standards, logs, and evidence.
- Ensure documents are version-controlled, consistently formatted, approved, and properly archived.
- Conduct periodic reviews to identify outdated, incomplete, or inconsistent documentation and initiate necessary edits or updates.
- Ensure documentation accurately reflects current practices, processes, and system configurations.
Audit Support & Readiness
- Support internal and external audits for certifications by preparing and organizing required documentation and evidence.
- Act as a central point of coordination for audit documentation requests.
- Maintain audit trails and ensure evidence is complete, accurate, and readily available.
- Track audit findings and support follow-up actions related to documentation or control updates.
Internal Checks & Coordination
- Coordinate with IT, Engineering, HR, Legal, and Operations teams to validate that documented processes align with actual practices.
- Request updates or clarifications from stakeholders when documentation gaps or inconsistencies are identified.
- Provide guidance on documentation standards and compliance-related record-keeping.
Continuous Improvement
- Recommend improvements to documentation structure, templates, and review processes to improve clarity, consistency, and audit readiness.
- Help establish regular review schedules for compliance documentation and certification requirements.
Requirements
Must Haves:
- Bachelor’s degree in Legal Management, Business Administration, or a related field.
- 3–5+ years of experience in compliance, quality management, documentation control, audit support, or similar roles.
- Strong working knowledge of HIPAA, SOC 2, ISO, GDPR, and general information security and compliance principles.
- Proven experience maintaining, updating, and organizing compliance documentation and audit evidence.
- Exceptional attention to detail with strong organizational and document management skills.
- Strong written and verbal communication skills, with the ability to coordinate effectively with non-technical stakeholders.
Nice to Have:
- Prior exposure to software development workflows, repositories, or IT infrastructure to better support compliance and security reviews.
- Experience supporting ISO 27001 or other ISO certifications.
- Certifications related to compliance, quality management, or information security (e.g., ISO 27001 Lead Implementer/Auditor, CISA, CISM, CISSP).
- Experience in technology, SaaS, healthcare, or data-driven environments.
- Familiarity with vendor documentation reviews and third-party compliance requirements.
Skills and Competencies:
- Compliance documentation management
- Quality control and document review
- Audit preparation and coordination
- Regulatory and certification awareness
- Strong attention to detail and consistency
- Process tracking and follow-through
- Cross-functional coordination
- Continuous improvement mindset
Benefits
About Chromedia:
Chromedia is a custom software development company based in Denver, Colorado. Our focus is on developing the best mobile and web applications and building long-term relationships with our clients.
At any point in time, we have a “portfolio” of active projects on which we are working. This provides the opportunity for our team members to learn new technologies, experience new industries, and diversify their development opportunities.
Since the pandemic, we've embraced a Work-From-Home setup, and we're excited to offer you the chance to join us in this flexible arrangement. This remote position allows you to work on your own schedule, maximizing your skills in a way that suits your lifestyle. You'll enjoy the freedom to balance your professional and personal life, while still delivering high-quality work. With this role, you can work from anywhere, eliminating the daily commute and giving you more time to focus on what matters most.
Although this is a contracted position, we provide a range of benefits, including paid leave, internet reimbursement, professional development opportunities, and excellent healthcare reimbursement after a brief 90-day period. Additionally, we offer computer and software reimbursements to ensure you have the tools you need to succeed.
We enjoy what we do, value balance in our lives, and take pride in our work. Because we are a small company, you have an opportunity to directly impact our clients and business on a daily basis. If you’d like to explore opportunities with us, please submit your application below. Include your LinkedIn profile or a cover letter, your resume, and if possible, a portfolio of your work. Don't forget to outline your interest and compensation expectations.
Learn more about Chromedia and explore our benefits.
Note: All interviews will be conducted online.