Job details

Sr. IT Auditor

About DrFirst:

DrFirst is an innovative Health IT company with a mission to create user-friendly solutions so that doctors can treat their patients quickly, efficiently, and safely. Over 300,000 healthcare professionals, 120,000 prescribers, 67,000 pharmacies, and 60% of the healthcare IT vendors in the market depend on us every day to reduce clinical errors and improve patient outcomes.

Our culture is entrepreneurial, team-oriented, collaborative, and fast-paced. If you get excited about stretching yourself in new ways, developing yourself to your fullest potential, and care about working with smart colleagues; we want to talk to you!

Position Overview:

The Sr. IT Auditor will work with various stakeholders and external auditors to manage the plan and execution of security, and compliance audits of various internal DrFirst technical departments and processes. You will support internal and external auditing teams on a variety of internal audits, including operational and technical design reviews, as well as HITRUST, and SOC 1 and 2. You will follow standard auditing procedure and ensure practices align with risk management best practices for an industry leading Health IT company.

Who will love this job?:

An analytical thinker with strong problem-solving skills that pays attention to the details, employing logic and data to reach recommendations and decisions.
A self-starter who exhibits a can-do, team-oriented demeanor. Well organized and able to work effectively on multiple projects and project types, in a timely manner, with limited management oversight

A Trusted advisor with strong leadership acumen who always strives to do better tomorrow than today, and continuously improve his/her team’s knowledge and skills
A Team player who exhibits a can-do mentality and is always willing to help her/his teammates and collaborate with leaders, supervisors, and managers to achieve the company’s goals
A Team builder who enjoys recruiting and developing teams, attracting A-players from various disciplines

What you will work on:

Leading and managing all internal technical and security audits, including SOC1, SOC2, and HITRUST.
Schedule, manage, and execute multiple audits across different functions simultaneously.
Plan, execute and lead internal audits based on organizational policies and governmental regulations.
Inspect and assess controls and practices across technology, security and other operational areas of DrFirst.
Ensure compliance with established internal control procedures by examining records, reports, operating practices, and documentation.
Create, contribute to, and/or review written and verbal reports of audit findings and results

Accurately interpret audit results against defined criteria.
Work closely with IT professionals, managers, and executives.
Coordinate and manage the work of junior colleagues contributing to the internal audit processes.
Report progress and results of internal audit activities to executive leadership and department heads.
Performs thorough inquiry and data analysis to understand business operations, assess risk and develops project scope for complex process areas, leveraging business knowledge and expertise.

Apply appropriate audit procedures to the areas reviewed to ensure that controls are tested and all significant risks are addressed.
Prepare clear and well-organized audit work papers documenting root-cause, work performed, investigation summaries and recommendations.
Formulates appropriate conclusions and clearly documents findings based on testing results. Combines knowledge of Company operations with testing results to determine control effectiveness.
Assist less experienced team members in understanding and executing internal audit methodology and standards.
Identify opportunities for improvement to audit methodology, tools and training.

Support department objectives and perform other duties and responsibilities, as assigned.
Consistent exercise of independent judgment and discretion in matters of significance.
Other duties and responsibilities as assigned.

Qualifications:

4+ years experience with SOC1, SOC2, and HITRUST audits.
Professional industry experience in medical, healthcare or pharma, with a focus on software and technology.
HITRUST auditor certification/experience or experience working on security audits from an external audit firm like BDO.
Excellent written and verbal communication skills
Flexible and adaptable to a constantly shifting audit environment
Experience identifying control gaps, conducting root cause analysis, and implementing corrective action plans to mitigate identified gaps.
Experience with information technology controls (including security, network, computer operations, and maintenance controls).

Experience designing, executing, and managing control test plans and activities, and monitoring internal control environments at the entity level.
Knowledge of the International Standards for the Professional Practice of Internal Auditing and the Code of Ethics developed by The Institute of Internal Auditors.
Knowledge of management information systems terminology, concepts, and practices.
Able to negotiate issues and resolve problems.

Proficient knowledge of Microsoft Office to include Word, Excel, Access and Power Point and Microsoft Project.
Experience with JIRA or similar issue tracking technology
Able to multi-task several activities and duties simultaneously, and to act independently.
Able to function in a fast-paced environment, under short time constraints, and within established deadlines.
Experience with Fedramp is a big plus.

Physical Requirements:

#LI-GF1 #LI-Remote

Benefits:

We offer comprehensive benefits to keep you healthy as you grow in your life and career. Your merit-based compensation will reflect the impact your work has on the company and our customers.

Learn more about our benefits and professional development opportunities here.

DrFirst Glassdoor Company Review

3.6

DrFirst DE&I Review

No rating

CEO of DrFirst

G. Cameron Deemer

Approve of CEO

By DrFirst

DrFirst develops innovative solutions that help healthcare stakeholders solve workflow challenges. We are entrepreneurial, adaptable, seek opportunities, are willing to take risks, but “fail fast”. We are disciplined, driven, & accountable. We thi...

17 jobs

MATCH

Calculating your matching score...

INDUSTRY

Computer Hardware Development

TEAM SIZE

201-500

LOCATION

Hybrid, based in Rockville, MD

DATE POSTED

June 9, 2023