
IT Audit Specialist 1

The primary role of the Senior Associate of IT Audit is to enable the IT & Engineering teams to achieve their company business objectives while maintaining compliance with the regulatory requirements & contractual obligations.

As a pivotal member of the Enterprise Technology Governance team, the Senior Associate of IT Audit will be focused on driving the design, implementation, and adoption of the Enterprise Technology Governance Program while collaborating with members of IT, software engineers, product managers, auditors, and regulators to identify project scope, build a project portfolio plan, and execute that plan to completion.

The Senior Associate of IT Audit will design, implement, assess, enhance, and monitor the IT controls that DocGo is required to have in place due to regulations such as Sarbanes-Oxley (SOX), HIPAA/HITECH, GDPR & CCPA/CPRA, and ensure that these controls meet all of the requirements of IT control frameworks including ISO 27001, NIST 800-53, and NIST 800-171.

This role will require you to be adaptable, collaborative, decisive, able to deal with ambiguity, and have a great understanding of how complex cloud-native systems are designed to operate.

You will report to the Senior Manager of Technology Governance.

Responsibilities

  • Complete the day-to-day activities of the Technology Governance Team and collaborate with the co-sourced Internal SOX IT Audit Team.
  • Coach & develop the members of the IT & Engineering teams regarding their understanding of the regulations that the organization must comply with, including the specific requirements of each regulation.
  • Work with the Senior Manager of Technology Governance to ensure that all audit escalations/issues are resolved.
  • Provide IT Management with status updates & reporting metrics for all key areas of the Enterprise Technology Governance program.
  • Create and implement processes that will improve personnel’s retention and performance.
  • Ensure accuracy and quality of work of the Technology Governance Team.
  • Demonstrate ability to respond to changing departmental needs.
  • Implement code of conduct and company values.
  • Support the development of an internal audit plan for the Enterprise
  • Assess the company’s compliance with the IT-related requirements of Sarbanes-Oxley
  • Assist with the SOX IT Controls Testing & Issue Remediation
  • Implement processes for the management of the Internal SOX IT Audit Team
  • Complete the activities involved with planning, executing, reporting, and monitoring the results of the 2023 SOX Audit
  • Work closely with the leaders of the impacted departments throughout the IT Audit process
  • Identify areas of improvement for existing IT processes, policies, and controls, and identify IT control gaps throughout the IT environment.
  • Complete control testing workpapers and review prior period audit reports, SOC 1 & 2 reports from external vendors, and other compliance-related documentation to ensure that the organization remains compliant with all regulatory requirements and contractual obligations to external parties.
  • Develop, document, and communicate audit recommendations to department heads and IT process/control owners.
  • Communicate and present the results of IT audits to IT Management
  • Monitor all known IT audit/compliance issues that have been identified, and proactively follow up with the corresponding Action Plan Owners for status updates on their remediation efforts
  • Conduct Learning & Development training sessions about SOX IT Controls, regulatory requirements, etc.
  • Other duties as assigned by IT Management and/or the Senior Manager of Technology Governance

Qualifications

  • Extensive knowledge of (or experience working with):
    • The IT control requirements under Sarbanes-Oxley (SOX)
    • Auditing IT Controls associated with applications, services, & infrastructure (servers, databases, networks, firewalls, data centers, etc.) that are hosted on-prem.
    • Auditing IT Controls associated with applications, services, & infrastructure that are hosted in a 3rd party vendor cloud environment.
      • SOC Report Reviews
      • CUEC mapping exercises
    • Single Sign-On (SSO) integrations
    • Data Warehousing concepts, objectives, & technologies
  • Must have technical experience that covers IT & software engineering fundamentals.
  • Clear and coherent in both written and verbal communication, to converse with software engineers and translate auditor requests and IT Controls into user stories with acceptance criteria.
  • Natural at team-level project management as well as broader enterprise-wide program management.
  • Can produce easy-to-understand reports for various stakeholders in leadership.
  • Can collaborate with IT teams, software engineers, product managers, infosec teams, data engineers, and other technical teams around you to help them do their best work.
  • Can solve complex problems with others while using clear communication and structured thinking.

Screening Criteria

  • Bachelor’s degree in information technology or a related field.
  • A minimum of three (3) years of combined work experience in IT Audit and/or IT Compliance – SOC reports, SSO, SOX, and data warehousing
  • Must have a stable employment history.
Job Category: IT & Development
Job Location: WFH Permanent
