We’re looking for an enthusiastic, highly motivated and detail-oriented person to join the Compliance and Audit team as our new Senior IT Security Auditor. This role reports to the Senior Director of Compliance and Audit, and will serve as a core member of the Audit function by identifying areas of risk and by making valuable recommendations on controls across all aspects of our rapidly growing business.
- Work collaboratively with Legal/Compliance, IT Security and Engineering management regarding general controls reviews and assessments, which may include participating on any related teams on a consultative basis;
- Develop test plans for internal IT and Security processes related to Amazon Web Services (AWS) infrastructure and services.
- Design, conduct, and document audits of internal IT and Security processes to ensure compliance with HIPAA and based on identified risks;
- Perform technical testing of IT Security and IT controls in partnership with the IT Security or Engineering teams;
- Design, test, and document key IT systems and process compliance controls for both homegrown and off-the-shelf systems; this includes assessing and evaluating potential application risks and controls and providing recommendations for risk mitigation;
- Collaborate with internal stakeholders to assist in the development of management action plans to mitigate risks
- Conduct regular reviews of risk treatment plans and timelines ensuring compliance with policies and procedures.
- Help shepherd Omada’s annual risk assessment through focusing on IT risks (cyber security, data protection and confidentiality, technology change, technology reliability, etc.);
- Communicate audit and client expectations regarding deliverables, timing, and benefits to the organization - audits results will be communicated objectively, concisely, clearly, and accurately;
- Anticipate potential roadblocks and issues, and provide reasonable suggestions and alternatives.
- Help to create and participate in system development audits to ensure controls are considered and implemented as part of the system development life cycle process.
- Apply information systems development, implementation and operation control concepts in a variety of settings and assess the exposures from ineffective or missing control practices
You will love this job if you have:
- 5-8+ years of related, applicable experience in auditing information systems and/or cyber security or auditing.
- Previous experience may include a mixture of public accounting, information systems work, and/or IT Internal Audit functions;
- A CISA credential, or being on the path to it, is a strong plus;
- Experience with a regulated industry is also a plus, and experience with the healthcare industry a strong plus;
- Knowledge of AWS, RDS, Linux and AuditD
- Knowledge and experience with professional standards, including IIA standards, COBIT, SOx, SOC, and/or HITRUST;
- Extensive knowledge of system development life cycle concepts with an ability to quickly learn a complex environment, including AGILE development and continuous integration concepts;
- A solid understanding of internal control concepts and the ability to systematically evaluate and evaluate the adequacy of controls by considering business and technology risks in an integrated manner;
- The ability to work autonomously through planning and executing audit projects from design to report-out.
- Competitive salary
- Stock options (extended post termination option exercise window for Omadans who are with us 3 years or more)
- Flexible vacation
- Parental leave
- Health, dental, and vision
- Healthy snacks and meals
- Wellness events (e.g. running club)
- Community volunteering
- 401k retirement savings plan
About Omada Health: We’ve pioneered digital behavioral medicine: an innovative approach to tackling the growing epidemic of type 2 diabetes, heart disease, and obesity. Our online programs combine world-class science, technology, and design to inspire and enable people everywhere to live free of chronic disease. Named one of Fast Company’s “50 Most Innovative Companies in the World,” our team includes passionate and talented individuals. Our approach has been embraced by major employers across the country, including Costco and Iron Mountain, as well as leading health plans, such as Kaiser Permanente and Blue Cross Blue Shield of Louisiana.
We carefully hire the best talent we can find, which means actively seeking diversity of beliefs, backgrounds, education, and ways of thinking. We strive to build an inclusive culture where differences are celebrated and leveraged to inform better design and business decisions. Omada is proud to be an equal opportunity workplace and affirmative action employer. We are committed to equal opportunity regardless of race, color, religion, sex, gender identity, national origin, ancestry, citizenship, age, physical or mental disability, legally protected medical condition, family care status, military or veteran status, marital status, domestic partner status, sexual orientation, or any other basis protected by local, state, or federal laws.