Sr, IT Auditor
Availity delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. Availity has the powerful tools, actionable insights and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.
The Sr. IT Auditor supports the work of the Chief Audit Executive and performs a variety of audits encompassing information technology and security, and compliance/regulatory activities. This position will lead and complete activities in the IT Audit Plan. This position includes internal and external customer interface, and as such requires strong professional presence, communication and decision making skills. The Senior IT Auditor will be capable of identifying and addressing audit issues across a variety of business areas and risk exposure. A broad understanding of Information Technology, security and controls to perform the following duties: Conduct enterprise-wide audits and coordinate accreditations, certifications, assessment, and audits by third parties, including but not limited to health plans with audit rights, external financial auditors, SSAE-16, HIPAA, HITECH/ACA, EHNAC, HITRUST, PCI, internal audits. • Analyze and classify information from third party supplier/vendors and determine remediation activities, and monitor controls to ensure they are adhered to according regulatory requirements that include relevant state and federal laws and regulations, standards, and internal policies and procedures. • Assist with legal contract due diligence for third party assurance and audit due diligence process.
- Manage the intake, tracking, and documentation of Compliance and Audit issues and manage reporting for monthly Audit Issues Tracking and Corrective Action Plans.
- Execute audit programs covering assigned information technology aspects of the business including strategic audits, as well as identifying potential audit areas from a high level risk assessment review, including an annual Enterprise Risk Assessment.
- Propose and/or participate in Audit Department process improvements.
- Perform additional projects as assigned by the Director, IT Audit.
- Work in a team environment to assist in planning and auditing in accordance with accepted standards, reporting audit findings and making recommendations for correcting and improving operations and reducing costs.
The above cited duties and responsibilities describe the general nature and level of work performed by people assigned to the job. They are not intended to be an exhaustive list of all the duties and responsibilities that an incumbent may be expected or asked to perform.
EDUCATION AND EXPERIENCE
- At least 8 years of experience in audit, information security, risk management
- Bachelors Degree or equivalent experience
- Certified Information Systems Auditor (CISA) is required
- One or more of the following certifications is also preferred:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- HITRUST Practitioner
SKILLS AND KNOWLEDGE
- Able to demonstrate a comprehensive understanding of HIPAA privacy and security regulations, federal and state breach notifications, and other laws and regulations that control the privacy and security of information
- Demonstrates expertise in a variety of the field's concepts, practices, and procedures
- Experience with SSAE-16, HIPAA, HITECH/, EHNAC, PCI, HITRUST, internal financial audits.
- Strong understanding of business processes, internal control, compliance programs and audit processes
- Relies on experience and judgment to plan and accomplish goals.
- Ability to maintain confidentiality of highly sensitive information
- Must have ability to communicate audit and control related concepts to a broad range of technical and non-technical staff
- Strong computer skills - Excel, Word, Access, PowerPoint, and SharePoint required.
- Working knowledge of risk-based control frameworks and assurance (COBIT, ITIL, COSO) and Internal Audit methodologies and processes.
- Ability to adapt to constantly changing priorities in managing a wide variety of projects
- Ability to demonstrate initiative, accountability and leadership
- Strong analytical and problem solving skills
- Excellent verbal and written communication skills with ability to communicate at all levels of the organization
- Sound decision making ability
- Ability to influence without authority
- Excellent planning and organizational skills
- Strong organizational and time management skills
- Ability to work effectively in a remote or virtual team environment
- Working knowledge of IT audit/security evaluation techniques and tools (HITRUST, ISO17799) is preferred
- Knowledge of information technology and business process evaluation and improvement techniques.
- Thorough understanding of application controls, IT operations and controls, system development life cycle, release management control procedures, and business continuity planning.
- Interact with all levels of management which may include senior management.
- Ability to travel up to 5% of the time.
Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, gender expression, genetic information, national origin, religion, marital status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions, or any other classification protected by federal, state, and local laws and ordinances.
Availity is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. When required by state law or federal regulation, Availity uses I-9, Employment Eligibility Verification in conjunction with E-Verify to determine employment eligibility. Learn more about E-Verify at http://www.dhs.gov/e-verify.
Click the links below to view Federal Employment Notices.
Family & Medical Leave Act Equal Employment Law Poster Pay Transparency Employee Polygraph Protection Act IER Right to Work Poster Important Notice about Employee Rights to Organize and Bargain Collectively with Their Employers
Back to top