22nd November, 2021
Location(s): Jacksonville, FL or 100% REMOTE (candidate choice)
Our client delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. They have the powerful tools, actionable insights, and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.
Our client is a Healthcare IT company headquartered in Jacksonville, FL with an office in Indianapolis, IN, and a large and thriving remote team comprising almost 20% of their US-based associates. They operate the largest real-time information network in healthcare, connecting two million providers, to every health plan, coast to coast. They work collaboratively with health plans and providers to disrupt an antiquated healthcare system by solving core issues in the way stakeholders communicate. Fixing the broken provider data management process and creating real-time communication of risk and quality information are just two of the ways our client is streamlining this process. They also offer providers, hospitals, and health systems revenue cycle and patient financial management solutions. They help prepare our providers for the rise in consumerism and value-based care, so that they can get paid accurately, and timely, for their services.
Job Description & Synthesis
Our client is looking for a Sr. IT Auditor to join their growing team. The IT Auditor will support the work of the Director of IT Audit and Third-Party Assurance in executing the internal audit program by providing internal support for third-party audits, pre-and post-implementation of new IT system reviews, and segregation of duties reviews by:
- Conducting enterprise-wide audits and coordinating accreditations, certifications, risk assessments, and audits by third parties, including but not limited to health plans with audit rights, external financial auditors, SSAE-16, HIPAA, HITECH/ACA, EHNAC, HITRUST, PCI, internal audits
- Monitoring controls to ensure they are adhered to according to regulatory requirements that include relevant state and federal laws and regulations, standards, and internal policies and procedures.
- Assist with the legal contract due diligence for third party assurance and audit due diligence process
- Managing the intake, tracking, and documentation for Compliance and Audit issues and managing reporting for monthly Audit Issues Tracking and Corrective Action Plans
- Executing audit programs covering assigned information technology aspects of the business including strategic audits, as well as identifying potential audit areas from a high-level risk assessment review, including an annual Enterprise Risk Assessment
- Proposing and/or participating in Audit Department process improvements
- Performing additional projects as assigned by the Director, IT Audit
- Working in a team environment to assist in planning and auditing in accordance with accepted standards, reporting audit findings and making recommendations for correcting and improving operations and reducing costs
- Adapting to constantly changing priorities in managing a wide variety of projects
Apply For Job
- 3+ years of experience in audit, information security, and/or risk management
- Bachelor Degree required or equivalent work experience
- Certified Information Systems Auditor (CISA) is required or must be actively pursuing a CISA and attain CISA within 24 months of start date.
- One or more of the following certifications is preferred:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- HITRUST Practitioner
- Must have strong IT, Security, and Cybersecurity risk and audit experience
- Must have experience and ability to coach team members and provide first level reviews of team’s work products
- Must have experience and ability to lead key meetings with company management and external parties
- Must have the ability to train team members and also educate business partners on risks and controls
- Should have experience with SSAE-16, HIPAA, HITECH/ACA, EHNAC, PCI, HITRUST, and internal financial audits
- Should have Working knowledge of risk-based control frameworks and assurance (COBIT, ITIL, COSO) and Internal Audit methodologies and processes is preferred.
- Should have excellent verbal and written communication skills with the ability to communicate audit and control related concepts to all levels of the organization
- Should have a thorough understanding of application controls, IT operations and controls, system development life cycle, release management control procedures, and business continuity planning.
- Should have Working knowledge of IT audit/security evaluation techniques and tools (HITRUST, ISO17799) is preferred