HIPAA Compliance Assessor/Consultant (Remote) at TestPros – Sterling, Virginia

Company Overview

TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 / CMMC Assessment and Compliance, HIPAA, Privacy, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.

TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.

Focus: HIPAA Assessment and Consultation
Start: April 2026
Type: Part-time consulting

We are seeking a HIPAA Compliance Assessor / Consultant to support independent assessments of HIPAA compliance.

This role will evaluate how websites, apps, or platforms collect, use, and protect user data, with a focus on minors/children.

1. Identify Electronic Protected Health Information (ePHI): Locate all systems holding sensitive data.
2. Identify Threats and Vulnerabilities: Determine potential, reasonably anticipated threats.
3. Assess Security Measures: Evaluate current safeguards.
4. Determine Likelihood and Impact: Evaluate the probability and impact of potential breaches.
5. Document and Prioritize Findings: Create the formal report and risk mitigation plan.

Required Skills / Experience

• 5+ years of experience with HIPAA Assessments and Reporting
• 5+ years of experience with HIPAA guidelines, such as:
  • NIST Special Publication 800-66 Rev. 2: Implementing the HIPAA Security Rule
  • NIST Cyber Security Framework to HIPAA Security Rule Crosswalk
  • Health Information Trust Alliance (HITRUST)​​​​​​

• Hands-on experience conducting:

  • Privacy assessments / audits

  • PIA / DPIA

• Strong understanding of:

  • Data flows & data lifecycle

  • User data handling in web/mobile applications

• Experience reviewing:

  • Consumer-facing systems (apps, websites)

  • Consent, transparency, and privacy controls

• Ability to translate regulations into practical findings and recommendations

• Background in GRC, cybersecurity, or product compliance

• Certifications such as:

  • CIPP, CIPM, CISM, or similar

• Part-time (consulting basis)

• 1099 or Corp-to-Corp

• Flexible hours

• Project-based (initial assessment engagement)

TestPros, Inc. is an Equal Opportunity Employer.

EEO Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, marital status, age, national origin, protected veteran status, or disability. VEVRAA Federal Contractor.