Job Description
About the position
The IT Audit & Assurance Manager at Inovalon is responsible for overseeing the technology and security audit programs, specifically executing the HITRUST program across the organization. This role involves supporting strategic initiatives, planning and executing internal audit strategies, and ensuring compliance with various regulatory standards. The manager will lead complex audits, enhance the Security Compliance Program, and maintain effective communication with senior management and external audit firms.
Responsibilities • Lead the execution of the HITRUST program across the organization. • Lead and execute both moderately and highly complex reviews for HITRUST CSF validated and certified assessments and Interim assessment. • Support the delivery of professional services projects by participating in the planning, execution, and reporting of the HITRUST validated assessment and final report. • Create governance for HITRUST program; validate, support, and improve its operations. • Contribute to the production and improvement of the content, quality, and timing of audit and compliance analysis and reporting.
• Plan and support the execution of risk mitigation actions established as the result of audit findings. • Evaluate the design and effectiveness of Technology controls throughout the business cycle. • Identify and communicate Technology audit findings to senior management and support remediation effort. • Perform regular audit project and program reviews, and accurately communicate the status of projects in both formal and informal settings throughout project lifecycle. • Develop project plans, estimations, specifications, flowcharts, and presentations.
• Actively participate in the continuous enhancement of the Security Compliance Program by maximizing opportunities to improve and implement automated processes. • Document and track all gaps identified during ongoing control monitoring to meet audit, compliance, and legal requirements. • Identify performance improvement opportunities for assigned projects. • Build rapport, credibility, and cohesion across all business unit teams and IT teams while managing the audit projects. • Manage relationship and work with third party audit firms on audit specific projects.
• Support the assurance that external teams have the required audit control details to meet the control requirements. • Contribute towards the execution of activities including the identification of audit gaps, the development of remediation plans, documentation, monitoring compliance status, and ultimately provide attestation of compliance. • Periodically report progress to management and assesses and measures results related to audit activities. • Perform tasks as set forth by the Security, Risk and Compliance Head.
• Maintain compliance with Inovalon's policies, procedures and mission statement. • Adhere to all confidentiality and HIPAA requirements as outlined within Inovalon's Operating Policies and Procedures. Requirements • Minimum of 5 years of experience with a thorough understanding of IT audit principles and practices. • Proficiency and experience in the execution of dynamic controls frameworks and regulatory standards including ISO, SOX, SSAE 18, COBIT, NIST, HIPAA, PCI, HITRUST. • Proficiency in using information security risk management tools and related methodologies including GRC tools and applications.
• Excellent written and verbal communication and organizational skills. • Outstanding work ethic, proactive mindset, self-motivated, inspirational, enthusiastic, reliable, adaptable, and a promoter of information security. • Strong team player that collaborates well with others to solve problems and actively incorporates input from various sources. • Demonstrable strong leadership skills. • Ability to think strategically and analytically, work with a sense of urgency and attention-to-detail. • Independent thinking, willingness to 'step outside the box' and take reasonable, calculated risks.
Benefits • Competitive salary and performance-based incentives. • Wide range of benefits to meet associate needs. Apply tot his job