Home   >   Careers   >   Opening


Manager, IT Audit & Assurance

TRAVEL REQUIREMENT: No travel required
<p>The Manager, IT Audit and Assurance scope focuses on the technology and security audit programs and activities for Inovalon. The manager will execute the HITRUST program company wide. Additional activities include supporting strategic and technical initiatives, supporting leadership in planning, implementation, and execution of the internal audit strategy delivering and driving focused compliance and controls program and companywide.</p> <p><strong>Duties and Responsibilities:</strong></p> <ul> <li>Leads and executes both moderately and highly complex reviews for HITRUST CSF validated and certified assessments and Interim assessments;</li> <li>Support the delivery of professional services projects by participating in the planning, execution, and reporting of the HITRUST validated assessment and final report;</li> <li>Evaluate the design and effectiveness of technology controls throughout the business cycle;</li> <li>Identify and communicate technology audit and assessment findings to senior management and support remediation effort;</li> <li>Identify performance improvement opportunities for assigned projects;</li> <li>Supervise and provide performance management for risk and compliance team working on audit projects;</li> <li>Actively participate in the continuous enhancement of the Security Compliance Program by Identifying opportunities to improve and implement automated processes;</li> <li>Contribute to, and improve, the operations of Security Compliance by identifying and managing the security controls at Inovalon;</li> <li>Plan and support the execution of risk mitigation actions established as the result of audit findings, gaps and related analysis;</li> <li>Contribute to the production and improvement of the content, quality, and timing of audit and compliance analysis and reporting;</li> <li>Develop project plans, estimations, specifications, flowcharts, and presentations;</li> <li>Manage relationship and work with third party audit firms on audit specific projects;</li> <li>Perform tasks as set forth by the Security, Risk and Compliance Head;</li> <li>Contribute to regular audit project and program reviews and accurately communicates the status of projects in both formal and informal settings throughout project lifecycle;</li> <li>Contribute towards the execution of activities including the identification of audit gaps, the development of remediation plans, documentation, monitoring compliance status, and ultimately provide attestation of compliance;</li> <li>Create governance for HITRUST program. Validate, support, and improve its operations;</li> <li>Work with external teams to ensure compliance with the HITRUST program audit controls;</li> <li>Document and track all gaps identified during ongoing control monitoring to meet audit, compliance, and legal requirements;</li> <li>Build rapport, credibility, and cohesion across all business unit teams and IT teams while managing the audit projects</li> <li>Support the assurance that external teams have the required audit control details to meet the control requirements;</li> <li>Periodically report progress to management, and assesses and measures results related to audit activities;</li> <li>Maintain compliance with Inovalon’s policies, procedures and mission statement;</li> <li>Adhere to all confidentiality and HIPAA requirements as outlined within Inovalon’s Operating Policies and Procedures in all ways and at all times with respect to any aspect of the data handled or services rendered in the undertaking of the position; and</li> <li>Fulfill those responsibilities and/or duties that may be reasonably provided by Inovalon for the purpose of achieving operational and financial success of the Employer.</li> </ul> <p><strong>Job Requirements:</strong></p> <ul> <li>Minimum of 5 years of experience with a thorough understanding of IT audit principles and practices;</li> <li>Proficiency and experience in the execution of dynamic controls frameworks and regulatory standards to include but not limited to ISO, SOX, SSAE 18, COBIT, NIST, HIPAA, PCI, HITRUST, and other relevant industry regulations, standards, and guidelines;</li> <li>Proficiency, and experience, devising and using information security risk management tools and related methodologies to include GRC tools and applications;</li> <li>Excellent written and verbal communication and organizational skills;</li> <li>Outstanding work ethic, proactive mind-set, self-motivated, inspirational, enthusiastic, reliable, adaptable, and a promoter of information security;</li> <li>Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources;</li> <li>Demonstrable strong leadership skills;</li> <li>Ability to think strategically, work with a sense of urgency and attention-to-detail;</li> <li>Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks; and</li> <li>Strong intellect and analytical skills.</li> </ul> <p><strong>Education:</strong></p> <ul> <li>Bachelor’s Degree in Technology, Business, Finance/Accounting, or related field, equivalent experience may be considered.</li> </ul> <p><strong>Physical Demands and Work Environment:</strong></p> <ul> <li>Sedentary work (i.e. sitting for long periods of time);</li> <li>Exerting up to 10 pounds of force occasionally and/or negligible amount of force;</li> <li>Frequently or constantly to lift, carry push, pull or otherwise move objects and repetitive motions;</li> <li>Subject to inside environmental conditions; and</li> <li>Travel for this position will include less than 5% locally usually for training purposes.</li> </ul><div class="content-conclusion"><p><em>The Company maintains a drug free work environment for all of its associates, which includes employees, contractors and vendors. It is unlawful for associates to manufacture, sell, distribute, dispense, possess or use any controlled substance or marijuana in the workplace and doing so will result in disciplinary action, up to and including termination of employment or the contracted relationship. </em></p> <p><em>By embracing diversity, equity and inclusion we enhance our work environment and drive business success. Inovalon strives to reflect the diversity of the communities where we operate and of our clients and everyone whom we serve. We endeavor to create a culture of inclusion in which our associates feel empowered to bring their full, authentic selves to work and pursue their professional goals in an equitable setting. We understand that by fostering this type of culture, and welcoming different perspectives, we generate innovation and growth.</em></p></div>

Apply for this Position

© 2021 Inovalon. All rights reserved.