Modivcare is looking for an experienced Compliance Analyst. You will be responsible to ensure compliance with legal and regulatory requirements, including but not limited to Sarbanes-Oxley, HITRUST, and HIPAA. You will be responsible to document processes and gather evidence to support the accurate and timely execution of IT General Controls for all technology related functions. You will report to the Director of IT Governance, Risk and Compliance.
You will...

• Assist in creating desktop processes to support internal and external audit control testing
• Analyze and improve processes related to ITGC testing to implement, measure and enforce IT Policy
• Ensure all customer compliance commitments are met.
• Utilize the system to monitor, assign and gather evidence.
• Oversee the IT aspect of data collection for internal audit's PBCs, working with internal teams to produce accurate data
• Test IT controls on pre-defined intervals, ensure the health of all IT controls, and manage corrective action plans to address any control gaps, weaknesses, or failures
• Support all SOC 2, HITRUST, ISO 27000, etc. engagements & audits
• Assist as needed to gather evidence of the timely and accurate completion of controls for HIPAA, SOX, & CCPA compliance
• Track key customer compliance requirements & perform customer compliance activities
• Provide feedback to enhance and improve Security Policy to align with a globally-accepted best practice framework
• Provide knowledge and training for control owners to ensure they understand the risks & controls for which they are responsible
• Provide periodic report metrics related to IT compliance management activities
• Monitor, regularly report, and ensure adherence to OKRs & KPIs for IT GRC goals and objectives
• Assist in the development & management of all IT POAMs
• Assist and enhance processes to assess Third Party vendors for risk, security posture, and alignment with IT Security Policies

We are excited to speak to someone with the following...

• Bachelor's Degree in Computer Science, Computer Engineering, or Information Security / Cyber Security, or equivalentcombination of education, training, and experience
• Minimum 0 years of experience in a full-time Information Security compliance role
• High level understanding of normalized audit processes / methods, goals, motivations, and desired outcomes
• Some knowledge of regulatory requirements and industry standards such as HIPAA, HITRUST, SOX, SOC, NIST CSF, NIST 800-53, ISO 27000, & CCPA.

We value our team members and realize the importance of benefits for you and your family. Modivcare offers a comprehensive benefits package including the following:

• 3 Medical Plans with Prescription Drug Benefits
• 2 Dental Plans
• Vision Benefits
• Employer Paid Basic Life Insurance and AD&D
• Voluntary Life Insurance (Employee/Spouse/Child)
• Health Care and Dependent Care Flexible Spending Accounts
• Pre-Tax and Post -Tax Commuter and Parking Benefits
• 401(k) Retirement Savings Plan with Company Match
• Paid Time Off
• Paid Parental Leave
• Short-Term and Long-Term Disability
• Legal Services
• Critical Illness, Accident, Hospital Indemnity and Cancer Insurance
• Tuition Reimbursement
• Relocation Services
• Employee Discounts (retail, hotel, food, restaurants, car rental and much more!)

Modivcare. Because we care...always.
5 brands have joined together for one calling and we recognized an important need-to improve access to care by addressing the social factors that influence patient health outcomes. Our roots as a logistics leader have laid the foundation for our transformation into a tech-enabled healthcare company making better connections to care.
Salary: $53,557 - 78,550/annually
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
Modivcare requires all employees to be vaccinated for COVID-19. Modivcare is an equal opportunity employer and consistent with federal, state, and local requirements, will consider requests for exemptions from this policy as required under the law.