Overview: The IT Audit & Assurance Manager (individual contributor role) scope focuses on the technology and security audit programs and activities for Inovalon. This role will execute the HITRUST program across the organization with a focus on the creation of programs and processes. Additional activities include supporting strategic and technical initiatives, supporting leadership in planning, implementation, and execution of the internal audit strategy delivering, and driving focused compliance and controls programs.

Duties and Responsibilities:

• Lead the execution of the HITRUST program across the organization:
• Lead and execute both moderately and highly complex reviews for HITRUST CSF validated and certified assessments and Interim assessments.
• Support the delivery of professional services projects by participating in the planning, execution, and reporting of the HITRUST validated assessment and final report.
• Create governance for HITRUST program; validate, support, and improve its operations. Work with external teams to ensure compliance with the HITRUST program audit controls.
• Contribute to the production and improvement of the content, quality, and timing of audit and compliance analysis and reporting. Plan and support the execution of risk mitigation actions established as the result of audit findings.
• Evaluate the design and effectiveness of Technology controls throughout the business cycle. Identify and communicate Technology audit findings to senior management and support remediation effort.
• Perform regular audit project and program reviews, and accurately communicate the status of projects in both formal and informal settings throughout project lifecycle. Develop project plans, estimations, specifications, flowcharts, and presentations.
• Actively participate in the continuous enhancement of the Security Compliance Program by maximizing opportunities to improve and implement automated
• Document and track all gaps identified during ongoing control monitoring to meet audit, compliance, and legal requirements. Identify performance improvement opportunities for assigned projects.
• Build rapport, credibility, and cohesion across all business unit teams and IT teams while managing the audit projects.
• Manage relationship and work with third party audit firms on audit specific projects.
• Support the assurance that external teams have the required audit control details to meet the control requirements.
• Contribute towards the execution of activities including the identification of audit gaps, the development of remediation plans, documentation, monitoring compliance status, and ultimately provide attestation of
• Periodically report progress to management and assesses and measures results related to audit activities.
• Perform tasks as set forth by the Security, Risk and Compliance Head.
• Maintain compliance with Inovalon's policies, procedures and mission
• Adhere to all confidentiality and HIPAA requirements as outlined within Inovalon's Operating Policies and Procedures in all ways and at all times, with respect to any aspect of the data handled or services rendered in the undertaking of the position.
• Fulfill those responsibilities and/or duties that may be reasonably provided by Inovalon for the purpose of achieving operational and financial success of the

Job Requirements:

• Minimum of 5 years of experience with a thorough understanding of IT audit principles and practices.
• Proficiency and experience in the execution of dynamic controls frameworks and regulatory standards to include but not limited to ISO, SOX, SSAE 18, COBIT, NIST, HIPAA, PCI, HITRUST, and other relevant industry regulations, standards, and guidelines.
• Proficiency, and experience devising and using information security risk management tools and related methodologies to include GRC tools and applications.
• Excellent written and verbal communication and organizational skills.
• Outstanding work ethic, proactive mind-set, self-motivated, inspirational, enthusiastic, reliable, adaptable, and a promoter of information security.
• Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.
• Demonstrable strong leadership skills.
• Ability to think strategically and analytically, work with a sense of urgency and attention-to-detail.
• Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks.

Education:

• Bachelor's Degree in Technology, Business, Finance/Accounting, or related field, equivalent experience may be considered.

Physical Demands and Work Environment:

• Sedentary work (e. sitting for long periods of time).
• Exerting up to 10 pounds of force occasionally and/or negligible amount of force.
• Subject to inside environmental conditions.
• Travel for this position will include less than 5% locally usually for training purposes.