Inovalon

Senior Risk and Compliance Analyst

US-MD-Bowie
Requisition ID
2017-7806
Category (Portal Searching)
Information Technology

Overview

The purpose of the position is to partner with technology, business groups, and project teams to serve as a “trusted advisor and consultant” in order to ensure Inovalon maintains compliance with internal and external requirements such as privacy, security, and control standards and best practices. In addition, a significant part of this job entails supporting on-going security, privacy, risk, and internal control projects across the company in a consultation role in order to increase Inovalon’s security posture and ensure the company is not at risk or exposed to threats / vulnerabilities. The position must be able to build working relationships, drive change at various levels of management and on an enterprise scale, and be seen as a trusted security, risk, compliance advisor.

Responsibilities

  • Plan and manage the execution and delivery of risk-based IT assessment and compliance reviews, which may include IT general control, IT application control, IT infrastructure, and IT operational process reviews, IT governance & strategy design assessments, and SOX compliance related activities;
  • Capture and refine IT compliance and risk requirements and ensure that the requirements are integrated into Inovalon products and information systems through purposeful security architecting, design, development, and configuration;
  • Ensure compliance with Inovalon’s IT policies and procedures, applicable laws and regulations, and keep current on compliance-related areas;
  • Prepare deliverables, reports, for review by the Risk and Compliance management and senior leadership that include issues, trends and other micro/macro level risks identified through the execution of IT internal control work and other assurance-related activities;
  • Assist with Inovalon's HITRUST Enterprise Implementation Program;
  • Contribute "best practices" in terms of findings, checklists, templates, testing methods, and techniques to support and advance a "best of breed" Risk Assessment Program;
  • Assist in the preparation and coordination of third party audits and assessments, including client on-site visits, third party security/risk questionnaires and desktop reviews as well as in the preparation of regulatory external audits such as SSAE 16 and Sarbanes-Oxley;
  • Serve as a trusted advisor and consultant between various groups such as Technology, Finance, and Operations; and
  • Serve as a security, risk, and compliance consultant and expert to help enterprise wide project and tiger teams drive the effectiveness of our security and privacy programs.

Qualifications

  • Bachelor’s or Master's Degree with 3 to 5 years of relevant experience;
  • Experience working within the areas of Internal Audit, Technology Governance, Risk Assurance, and/or Internal Controls. Health-care industry experience is a plus;
  • Articulate communicator, demonstrating mastery of both spoken and written English, with the ability to tailor deliverables appropriately for audiences ranging from technical to senior executive;
  • Strong critical thinking skills; ability to quickly comprehend problems, develop hypotheses, draw logical conclusions, develop solutions, and respond accordingly;
  • Proven history of being a self-starter: pro-actively identifying problems, determining pragmatic solutions, identifying and obtaining needed resources, and executing with little or no supervision;
  • Must have a demonstrated hands-on approach and success in working in a team-based environment and to partner with others to promote an environment of teamwork;
  • Proven ability to manage multiple projects and work-streams concurrently and successfully;
  • Security and Audit-related certifications, such as CISA, CISSP, CRISC;
  • An in-depth understanding of core information technology processes and controls, current trends in corporate information technology and emerging themes in the market place;
  • Familiar with key regulations and standards such as HITRUST, HIPAA, NIST 800-53, NIST CyberSecurity Framework, Sarbanes-Oxley, and other compliance requirements; and
  • Experience in a consulting role with a Big 4 accounting/advisory firm a plus.

Inovalon provides equal employment opportunities (EEO) to all employees and applicants for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed