It Services Audit Analyst

Zelis is a healthcare information technology company and market-leading provider of end-to-end healthcare claims cost management and payment solutions.

COMPANY BACKGROUND/CULTURE

Zelis Healthcare is an information technology company which utilizes an end-to-end technology platform to fulfill the claims cost management and payments needs of healthcare payors including large and medium-sized health plans, TPAs, Taft-Hartley Plans, providers and individuals.  The company provides a comprehensive portfolio of network management, claims integrity, payment remittance solutions and analytical services for medical, dental and workers' compensation claims to over 500 payor clients.  Additionally, the company delivers electronic payments and explanation of payments to over 200,000 healthcare providers and serves individuals with provider lookup and medical referral services.

Position Overview

Support the Zelis SOC2 Audit Program and related IT general and application controls at the corporate level and distributed among the divisions and locations. Develop, implement and test controls for new acquisitions and in-scope entities.

Facilitating internal and external IT Services audits including Financial Audits (SSAE-16 SOC1) and Service Organization Controls (SOC2) audits. Help define remediation/mitigation for internally and externally identified audit and compliance deficiencies and track remediation progress

KEY RESPONSIBILITIES

• Assist in IT Services security and compliance controls assessment, testing and documenting IT security control and compliance requirements (e.g., HITRUST, HIPAA, etc.) and across SOX domains (e.g., logical access, change management, IT operations, and application development)

• Performing periodic testing of internal controls, developing audit workpapers and collecting collateral evidence.

• Assisting in building and maintaining state of art compliance frameworks in GRC tool (Service Now)

• Assisting in the development of policies and procedures that will help Zelis to adopt a risk-based mentality toward all day-to-day activities

• Consulting internal stakeholders regarding Compliance, Software Engineering, and Security requirements

• Working with external auditors to assist in the completion of annual compliance audits

PROFESSIONAL EXPERIENCE/QUALIFICATIONS

• BS Degree in Management Information Systems, Computer Science or a technology related field is strongly preferred

• 2+ years experience performing test of internal controls NIST 800-53, SSAE 16 (SOC2), ISO27001

• Amazing project management and organizational skills

• Strong technical, analytic, and communication skills (both written and verbal) Extreme attention to detail and nuance, with a working familiarity with compliance practices and tools

• You have or plan to obtain your CISA, CRISC, CISM, CISSP or other related certifications

• 2+ year's experience in IT audit specifically SOC2

• Direct experience working with SOC2 Trust Services Principle including Common Criteria, Availability, Confidentiality, Privacy, and Process Integrity.

• Experience with HITRUST CSF highly preferred

• Experience working with external auditors and customer audits

• Experience with GRC systems (Service Now preferred)

• Experience auditing IT processes, applications and infrastructure (servers, databases, data centers, firewalls, etc.)

COMPENSATION:

An attractive compensation package as well as comprehensive benefits plans are available to attract outstanding candidates.

Thank you for your interest in the Zelis team!