Sr. IT Compliance Analyst
Location: Orange, California US
Job Number: 2030
Position Title: Sr IT Compliance Analyst
Our ideal candidate is an experienced IT assurance, IT audit or IT risk lead or manager whose career includes a broad range of hands-on experience working with a variety of business-critical applications and IT environments, preferably within regulated healthcare companies, including experience with PCAOB regulations, SOC 1 & 2, ITGCs, SOX, HIPAA, HITRUST, PCI compliance and reporting, and internal controls over financial reporting.
- Conduct evaluations of IT risks and controls associated with both on-premise and cloud infrastructure, and processes relating to HITRUST, SOX, HIPAA, ISO, NIST.
- Manage 3rd party data exchange relationships to ensure that data protection controls and documentation gaps are satisfactorily addressed.
- Facilitate regular meetings with business and IT stakeholders to track the progress of ongoing compliance and security remediation and planning efforts.
- Participate in security tooling and compliance automation implementation efforts.
- Update, establish and implement information security policy, standards and processes.
- Act as a subject matter expert in understanding regulatory and IT risks, and how compensating controls or mitigating processes affect that risk.
- Facilitate resolution of IT audit, compliance, and information security-related issues and conduct periodic readiness testing of controls.
- Provide technical guidance to other DTS team members in managing compliant processes, build and run states.
- Assist in the design and oversight of technical compliance using vulnerability scans, penetration testing, application and infrastructure code reviews, etc.
- Evaluate, propose, and leverage resources and solutions where appropriate that are scalable and cost-effective, including in-house, on-premise, cloud, hybrid, hosted, staffing, and sourcing solutions.
- Bachelor’s degree in a related field, or a minimum of 5 years related experience.
- Minimum of 5 years of hands-on experience in information technology required, demonstrating a steady growth of skills and responsibility around IT internal controls and processes.
- Minimum of 2 years of audit and compliance experience, including knowledge and experience with PCAOB- or HIPAA-oriented regulations and requirements.
- Familiarity with control standards such as PCAOB/SOX, ISO 27001/2, SOC2, COBIT, HIPAA, PCI, NIST, CSA.
- Excellent oral and written communication skills; ability to present and discuss technical information in a way that establishes rapport and trust.
- Experience with Microsoft Azure or AWS.
- Prior experience in the healthcare or a related HIPAA-regulated industry.
- Experience with audit or compliance within DevOps-oriented activities.
- One or more related GRC certifications or accreditations (e.g., CISA, CIA, SANS, CISM, CISSP).
- Experience with SaaS, IaaS and other cloud-based platforms and tools.
- Creation of software development, release and change control processes and reporting.
- Ability to design and fit agile controls and lead IT audit engagements across many teams.
- Ability to multi-task and set workload priorities in a fast-paced and changing environment.
Who is Alignment Healthcare?
- Socially responsible
- Technologically enabled
- Concierge care
- Servant leadership
We are dedicated to transforming the complex and confusing process of medical treatment in the United States so that every link in the health care continuum becomes more efficient, productive, and effective. We built a team of people who want to make a difference. Come join the team that is changing health care one person at a time.
We believe that great work comes from people who are inspired to be their best. We invite you to explore our wide variety of roles based on your unique experience.