Owens & Minor, Inc. Montgomery , AL 36101
Posted 2 months ago
At Owens & Minor, we are a critical part of the healthcare process. As a Fortune 500 company with 50+ facilities across the US and 18,000 teammates in over 90 countries, we provide integrated technologies, products and services across the full continuum of care. Customers-and their patients-are at the heart of what we do.
Our mission is to empower our customers to advance healthcare, and our success starts with our teammates.
Owens & Minor teammate benefits include:
Medical, dental, and vision insurance, available on first working day
401(k), eligibility after 30 days of employment
Employee stock purchase plan
Tuition reimbursement
Development opportunities to grow your career with a global company
JOB SUMMARY
Responsible for contributing to the successful execution of the annual IT SOX Audit. Enforce all internal IT policies and confirm the organization acts in accordance with ITGCs, application controls, and applicable laws and regulations. Coordinate with External Audit, Internal Audit, and Management to conduct risk evaluations, execute walkthroughs, perform testing, and remediate identified deficiencies. Organize training programs and participate in the automation of manual review processes. Bring shadow IT processes developed by the business under IT standards and governance. Develop and maintain positive, effective working relationships between IT and business stakeholders by communicating IT activities, changes, educational materials, and other information.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Motivated self-starter with a commitment to personal and professional improvement
Lead and complete audits (primarily SOX), ensuring timely execution of projects to agreed service levels, and proactively identify and minimize the probably of risk occurrences
Accountable for Management Reviews including Separation of Duties and Account Reviews (user, non-employee, administrative/privileged accounts, service accounts, servers, databases, etc.)
Interact with all IT groups as a subject matter expert in IT compliance and privacy regulations and associated audits including, but not limited to, SOX, HIPAA, HITRUST and CCPA (California Consumer Privacy Act)
Manage IT compliance initiatives and projects to ensure all regulatory audit and compliance requirements are met throughout the organization
Determine technology and process requirements to implement audit and compliance strategies
Apply in-depth knowledge of functional aspects of information systems security, risk management, and compliance
Assess Apria's IT environment against industry best practices and evolving compliance legislation or standards and lead the implementation of required changes or improvements
Automate manual Access Reviews by performing project management, configuration, and testing activities within the Saviynt Identity Governance and Administration module
Robust technical background with a deep understanding of implementing and assessing controls in complex cloud and legacy environments
Strong skills in security principles such as least privilege access, defense in depth, and preventative vs. detective controls
Proven track record of success/completion of healthcare compliance initiatives in a large, technology-driven organization
Create effective working relationships through open and timely information sharing and effective collaboration with internal and external customers to deal with ambiguity and establish clear strategy
Develop and maintain key relationships with IT Business Partners and core teams to gain oversight on new initiatives, manage cybersecurity risks, and promote a risk aware culture
OTHER DUTIES
Performs other duties as required, including but not limited to, providing assistance to IT Risk & Compliance Managers and Directors
SUPERVISORY RESPONSIBILITIES
MINIMUM REQUIRED QUALIFICATIONS
Education and/or Experience
Bachelor's Degree in a related field - preferably Accounting, Finance, Management Information Systems, or Computer Science - or 9 years of progressive work experience in the IT Audit Technology space
2-3 years supervisory experience
Proven experience with SOX, HIPAA, CCPA (California Consumer Privacy Act), NIST, ISO, and COBIT
Familiarity with auditing widely used server, platform, database, and end point technologies (e.g. Windows Server, Unix/Linux, SQL Server, Oracle DB, VMWare), as well as cyber security concepts
Understanding of IT Governance and IT Risk Management concepts
Experience managing and leading teams effectively
Outstanding communication (both spoken and written) and people skills
Experience managing large-scale projects in a team-oriented cross-organizational environment (this level of experience to have been gained by several years of information systems organizations)
Knowledge and working experience with privacy regulations, security audit/review processes, and applying corporate and federally mandated policies
Demonstrated ability to apply assessment measurement and evaluation techniques to ensure processes, systems, and applications meet business needs
Specific experience in the health care industry is desirable
Certificates, Licenses, Registrations or Professional Designations
CISA required
SKILLS, KNOWLEDGE AND ABILITIES
Essential Skills and Abilities
Excellent interpersonal, oral/presentation and written communications skills in both technical and non-technical language
Conceptual and analytical thinker; able to understand, analyze and synthesize complex business and technology issues and strategies
Ability to assist in Business Process Analysis for continuous process improvement
Ability to define problems, collect data, establish facts and draw valid conclusions
Ability to lead design solution sessions including its documentation and communicating solution to the business and stakeholders
Weigh business risks and enforce appropriate IT security policies and practices while maintaining the speed delivery that is inherent in a fast-paced company
Strong judgment and decision-making skills; be self-motivated with the ability to work independently and in teams with minimal direction but willingness to seek advice/assistance
Flexible and adaptable process-oriented work style; strong demonstrated work ethic; personal time management skills
Demonstrated work ethic that emphasizes customer focus, quality and continuous improvement
Technical Skills
Exceptional PC skills, especially Microsoft Office suite
AuditBoard experience
SharePoint and Box design skills and management
Data analysis and visualization
Ability to learn and effectively utilize new software and applications
Exposure to Saviynt or other IGA software
Language Skills
English (reading, writing, verbal)
Mathematical Skills
Basic level mathematical proficiency, with a strong ability to understand, interpret and develop spreadsheet data.
PHYSICAL DEMANDS
The employee uses computer and telephone equipment. Specific vision requirements of this job include close vision and distance vision. Must be able to travel by plane and automobile (if applicable).
The physical demands and work environment characteristics described above are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
If you feel this opportunity could be the next step in your career, we encourage you to apply. This position will accept applications on an ongoing basis.
Owens & Minor is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, sexual orientation, genetic information, religion, disability, age, status as a veteran, or any other status prohibited by applicable national, federal, state or local law.
Owens & Minor, Inc.