Logo
Inovalon

IT Audit and Assurance Manager

Inovalon, Bowie, Maryland, United States, 20721


Inovalon was founded in 1998 on the belief that technology, and data specifically, would empower the transformation of the entire healthcare ecosystem for the better, improving both outcomes and economics. At Inovalon, we believe that when our customers are successful in their missions, healthcare improves. Therefore, we focus on empowering them with data-driven solutions. And the momentum is building. Together, as ONE Inovalon, we are a united force delivering solutions that address healthcare's greatest needs. Through our mission-based culture of inclusion and innovation, our organization brings value not just to our customers, but to the millions of patients and members they serve. Overview: The IT Audit & Assurance Manager scope focuses on the technology and security audit programs and activities for Inovalon. This role will execute the HITRUST program across the organization. Additional activities include supporting strategic and technical initiatives, supporting leadership in planning, implementation, and execution of the internal audit strategy delivering, and driving focused compliance and controls programs.

Duties and Responsibilities: Lead the execution of the HITRUST program across the organization Lead and execute both moderately and highly complex reviews for HITRUST CSF validated and certified assessments and Interim assessment Support the delivery of professional services projects by participating in the planning, execution, and reporting of the HITRUST validated assessment and final report. Create governance for HITRUST program; validate, support, and improve its operations. Work with external teams to ensure compliance with the HITRUST program audit controls. Contribute to the production and improvement of the content, quality, and timing of audit and compliance analysis and reporting. Plan and support the execution of risk mitigation actions established as the result of audit findings. Evaluate the design and effectiveness of Technology controls throughout the business cycle. Identify and communicate Technology audit findings to senior management and support remediation effort. Perform regular audit project and program reviews, and accurately communicate the status of projects in both formal and informal settings throughout project lifecycle. Develop project plans, estimations, specifications, flowcharts, and presentations. Actively participate in the continuous enhancement of the Security Compliance Program by maximizing opportunities to improve and implement automated processes. Document and track all gaps identified during ongoing control monitoring to meet audit, compliance, and legal requirements. Identify performance improvement opportunities for assigned projects. Build rapport, credibility, and cohesion across all business unit teams and IT teams while managing the audit projects. Manage relationship and work with third party audit firms on audit specific projects. Support the assurance that external teams have the required audit control details to meet the control requirements. Contribute towards the execution of activities including the identification of audit gaps, the development of remediation plans, documentation, monitoring compliance status, and ultimately provide attestation of compliance. Periodically report progress to management and assesses and measures results related to audit activities. Perform tasks as set forth by the Security, Risk and Compliance Head. Maintain compliance with Inovalon's policies, procedures and mission statement. Adhere to all confidentiality and HIPAA requirements as outlined within Inovalon's Operating Policies and Procedures in all ways and at all times, with respect to any aspect of the data handled or services rendered in the undertaking of the position. Fulfill those responsibilities and/or duties that may be reasonably provided by Inovalon for the purpose of achieving operational and financial success of the Employer.

Job Requirements: Minimum of 5 years of experience with a thorough understanding of IT audit principles and practices. Proficiency and experience in the execution of dynamic controls frameworks and regulatory standards to include but not limited to ISO, SOX, SSAE 18, COBIT, NIST, HIPAA, PCI, HITRUST, and other relevant industry regulations, standards, and guidelines. Proficiency, and experience devising and using information security risk management tools and related methodologies to include GRC tools and applications. Excellent written and verbal communication and organizational skills. Outstanding work ethic, proactive mind-set, self-motivated, inspirational, enthusiastic, reliable, adaptable, and a promoter of information security. Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources. Demonstrable strong leadership skills. Ability to think strategically and analytically, work with a sense of urgency and attention-to-detail. Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks.

Education: Bachelor's Degree in Technology, Business, Finance/Accounting, or related field, equivalent experience may be considered.

Physical Demands and Work Environment: Sedentary work (i.e. sitting for long periods of time). Exerting up to 10 pounds of force occasionally and/or negligible amount of force. Subject to inside environmental conditions. Travel for this position will include less than 5% locally usually for training purposes.

Inovalon Offers a Competitive Salary and Benefits Package In addition to the base compensation, this position may be eligible for performance-based incentives. The actual base pay offered may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal equity. At Inovalon, it is not typical for an individual to be hired at or near the top end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate. Inovalon invests in associates to help them stay healthy, save for long-term financial goals, and manage the demands of work and personal commitments. That's why Inovalon offers a valuable benefits packagewith a wide range of choices to meet associate needs. Base Compensation Range $115,200—$160,000 USD

Studies have shown that women and people of color are less likely to apply for jobs unless they believe they meet every one of the qualifications listed in a job description. If you don't meet every qualification listed but are excited about our mission and the work described, we encourage you to apply regardless. Inovalon is most interested in finding the best candidate for the job and you may be just the right person for this or other roles. By embracing diversity, equity and inclusion we enhance our work environment and drive business success. Inovalon strives to reflect the diversity of the communities where we operate and of our clients and everyone whom we serve. We endeavor to create a culture of inclusion in which our associates feel empowered to bring their full, authentic selves to work and pursue their professional goals in an equitable setting. We understand that by fostering this type of culture, and welcoming different perspectives, we generate innovation and growth. Inovalon is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirement. The Company maintains a drug free work environment for all of its associates, which includes employees, contractors and vendors. It is unlawful for associates to manufacture, sell, distribute, dispense, possess or use any controlled substance or marijuana in the workplace and doing so will result in disciplinary action, up to and including termination of employment or the contracted relationship. To review the legal requirements, including all labor law posters, please visit this link