Compliance Analyst

Sorry, this job was removed at 04:44 p.m. (CST) on Friday, Oct 18, 2024
Hiring Remotely in CO
Remote
Internship
Food • Healthtech • Social Impact • Transportation
Our complementary healthcare technologies and services connect the underserved more equitably with care.
The Role

Are you passionate about making a difference in people's lives? Do you enjoy working in a service-oriented industry? If so, this opportunity may be the right fit for you!

This position is responsible for ensuring compliance with legal and regulatory requirements, including but not limited to Sarbanes-Oxley (SOX), HITRUST, and HIPAA. It is also responsible for documenting processes and gathering evidence to support the accurate and timely execution of IT General Controls for all technology-related functions.

This role...

  • Creates policies, processes, and procedures to support internal and external IT audit control testing, including but not limited to HIPAA, SOX, and CCPA.

  • Analyzes and improves processes related to IT compliance testing to implement, measure and enforce IT policies.

  • Utilizes the Governance, Risk & Compliance (GRC) system to monitor, assign and gather evidence for IT compliance.

  • Responsible for all aspects of IT data collection for internal audit's Provided by Client (PBCs), working with internal teams to produce accurate data, and assuring a full and comprehensive PBC.

  • Routinely tests IT controls on pre-defined intervals (including ad hoc, daily, weekly, monthly, quarterly, and annually), ensures the health of all IT controls, and manages corrective action plans needed to address any control gaps, weaknesses, or failures.

  • Ensures customer compliance commitments are met at all times and supports interactions with customer audits.

  • All industry engagements and audits including SOC 2, HITRUST, ISO 27000, etc.

  • Gathers proof of timely and accurate completion of controls for HIPAA, SOX, and CCPA compliance.

  • Tracks key customer compliance requirements and performs customer compliance activities, such as periodically updating specific customers on security and compliance program performance per a given customer's request, to ensure compliance with our customer requirements.

  • Assesses and maintains IT security policies to align with a globally accepted best practice framework, such as NIST 800-53 or ISO 27000.

  • Ensures IT staff are adequately trained to understand the risks and controls for which they are responsible.

  • Prepares and reports metrics related to IT compliance management activities.

  • Develops, monitors, regularly reports, and ensures adherence to Objectives and Key Results (OKRs) and Key Performance Indicators (KPIs) for IT risk management.

  • Documents and enhances processes to:

    • identify, prioritize, and validate completion of remediation activities related to vulnerabilities.

    • prioritize, remediate and validate patches for operating systems, applications, and hardware in the enterprise.

    • assess third-party vendors for risk, security posture, and alignment with IT security policies.

  • Collaborates with internal team members to develop and manage all IT risk management Plan of Action and Milestones (POAMs).

  • Measures and quantifies risk to prioritize security awareness communications and training.

  • May lead projects and perform other duties as assigned.

  • Occasional business travel may be required.

We are interested in speaking with individuals with the following...

  • Bachelor's Degree preferred in Computer Science, Computer Engineering, or Information/Cyber Security, or equivalent combination of education, training, and experience.

  • Five (5) plus years of experience in a full-time Information Security compliance role.

  • ISC(2) CISSP certificate preferred.

  • ITIL & GIAC certificates preferred.

  • Or equivalent combination of education and/or experience.

  • Extensive expertise in identifying, documenting, and managing qualitative risk.

  • Strong understanding of normalized audit processes / methods, goals, motivations, and desired outcomes.

  • Expertise in regulatory requirements and industry standards such as HIPAA, HITRUST, SOX, SOC, NIST CSF, NIST 800-53, ISO 27000, & CCPA.

  • Able to build and maintain easy to understand, easy to follow, and easy to audit policies, procedures, controls, narratives, and other common components of an enterprise IT GRC program.

  • Ability to organize, manage and follow up on a large scale of assigned activities across multiple teams.

  • Effective communication (both verbal and written) across the organization, with the ability to collaborate with leadership and staff.

  • Proficient with Microsoft Office tools - Word, PowerPoint, Outlook, Excel, etc.

  • Completes project-related deliverables in a thorough and timely manner.

  • Strong ability to use thinking and reasoning to solve issues.

  • Excellent ability to address the customers’ needs while following company procedures.

  • Ability to make critical decisions while following company procedures.

  • Strong attention to detail, while being thorough, accurate, organized and productive.

  • Demonstrated ability to complete assigned tasks under stressful situations.

  • Sets priorities and adapts to changes in a quick, professional manner; able to react to shifting priorities and multitask.

  • Deep expertise in quantitative risk, particularly in the FAIR model, is a strong plus.

Salary: $80,400.00 - $108,600.00

Bonus eligible based on company and individual performance.

Modivcare’s positions are posted and open for applications for a minimum of 5 days. Positions may be posted for a maximum of 45 days dependent on the type of role, the number of roles, and the number of applications received. We encourage our prospective candidates to submit their application(s) expediently so as not to miss out on our opportunities. We frequently post new opportunities and encourage prospective candidates to check back often for new postings. 


We value our team members and realize the importance of benefits for you and your family.

Modivcare offers a comprehensive benefits package to include the following:

  • Medical, Dental, and Vision insurance
  • Employer Paid Basic Life Insurance and AD&D
  • Voluntary Life Insurance (Employee/Spouse/Child)
  • Health Care and Dependent Care Flexible Spending Accounts
  • Pre-Tax and Post-Tax Commuter and Parking Benefits
  • 401(k) Retirement Savings Plan with Company Match
  • Paid Time Off
  • Paid Parental Leave
  • Short-Term and Long-Term Disability
  • Tuition Reimbursement
  • Employee Discounts (retail, hotel, food, restaurants, car rental and much more!)

Modivcare is an Equal Opportunity Employer.

  • EEO is The Law
  • Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
  • We consider all applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, handicap or disability, or status as a Vietnam-era or special disabled veteran in accordance with federal law. If you need assistance, please reach out to us at [email protected]
The Company
Denver, CO
28,000 Employees
Hybrid Workplace
Year Founded: 1996

What We Do

Modivcare is leading the transformation to better connect people with care, wherever they are. We serve the most underserved by facilitating non-emergency medical transportation, monitoring, and personal and home care to enable greater access to care, reduce costs, and improve outcomes.

We believe social and economic factors such as where you live, work or learn should never be a barrier to care. These factors, known as the social determinants of health, lead to inequities in our healthcare system and it’s our mission to close that gap by making connections to care. To make a world of difference, one member at a time. That’s what drives us.

Why Work With Us

We work with a range of clients: public and private payers, health systems, hospitals and universities. All united in purpose to better connect people with care.

If you want your work to positively impact the lives of others, we want to hear from you.
