Availity · 2 days ago

IT Auditor (Remote)

United States

Full-time

Remote

Mid, Senior Level

5+ years exp

Maximize your interview chances

FitnessHealth Care

Growth Opportunities

No H1B

Insider Connection @Availity

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Conducting enterprise-wide audits and coordinating accreditations, certifications, risk assessments, and audits by third parties, such as SOC, HITRUST, EHNAC, FedRAMP, NIST and internal assessments, etc.

Monitoring controls to ensure they adhere to relevant industry security best practices, regulatory requirements that include relevant state and federal laws and regulations, standards, and internal policies and procedures.

Managing the intake, tracking, and documentation for Compliance and Audit issues and managing reporting for monthly Audit Issues Tracking and Corrective Action Plans.

Executing audit programs covering assigned information technology aspects of the business including strategic audits, as well as identifying potential audit areas from a high level risk assessment review, including an annual Enterprise Risk Assessment.

Proposing and/or participating in Audit Department process improvements.

Performing additional projects as assigned by the Director, IT Audit.

Working in a team environment to assist in planning and auditing in accordance with accepted standards, reporting audit findings and making recommendations for correcting and improving operations and reducing costs.

Adapting to constantly changing priorities in managing a wide variety of projects.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

AuditInformation SecurityRisk ManagementCISACISSPCertified Internal Auditor (CIA)Certified Information Security Manager (CISM)HITRUST PractitionerSOCHITRUSTEHNACPCICloud ExperienceAI ExperienceFedRAMPStateRAMPCOBITITILCOSOInternal Audit MethodologiesApplication ControlsIT Operations ControlsSystem Development Life CycleRelease Management Control ProceduresBusiness Continuity PlanningIT Audit Techniques

Required

5+ years of experience in audit, information security, and/or risk management

Bachelor Degree required or equivalent work experience

Certified Information Systems Auditor (CISA) or CISSP is required, or must be actively pursuing a CISA/CISSP and attain CISA/CISSP within 6 months of start date.

Must have strong IT, Security, and Cybersecurity risk and audit experience; AI and Cloud experience is highly desirable

Must have experience and ability to coach team members and provide first level reviews of team’s work products

Must have experience and ability to lead key meetings with company management and external parties

Must have the ability to train team members and also educate business partners on risks and controls

Should have experience with SOC, HITRUST, EHNAC, and PCI; experience with assessments related to Cloud, AI, and FedRAMP / StateRAMP is highly desirable.

Should have Working knowledge of risk-based control frameworks and assurance (COBIT, ITIL, COSO) and Internal Audit methodologies and processes.

Should have excellent verbal and written communication skills with ability to communicate audit and control related concepts to all levels of the organization.

Should have a thorough understanding of application controls, IT operations and controls, system development life cycle, release management control procedures, and business continuity planning.

Should have Working knowledge of IT audit/security evaluation techniques and tools