Senior IT Internal Auditor

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.
• Three years of IT audit experience, preferably in healthcare.
• Strong knowledge of IT general controls (ITGC), cybersecurity frameworks, and healthcare IT systems.
• Experience with vulnerability assessments, data privacy controls, and change management processes.
• Proficiency with audit tools, SQL, Microsoft Office, and database applications including data analysis software.
• Excellent analytical, communication, and report‑writing abilities.
• Strong judgment, attention to detail, and ability to manage multiple projects independently.

Nice To Haves

• CISA (Certified Information Systems Auditor)
• CISSP (Certified Information Systems Security Professional)
• CIA (Certified Internal Auditor)

Responsibilities

• Assists Internal Audit leadership in the development and execution of risk‑based IT audit plans aligned with departmental standards and healthcare regulatory requirements.
• Identifies key controls, risks, and audit objectives; design audit programs tailored to healthcare IT environments.
• Conducts audits of IT systems, applications, databases, and infrastructure, including EHR/EMR platforms, cybersecurity controls, and data privacy processes.
• Assesses IT risks related to data privacy, cybersecurity, change management, business continuity, and system access.
• Ensures compliance with HIPAA, NIST, and internal policies.
• Prepares clear, concise audit reports summarizing findings, risks, and recommended corrective actions.
• Collaborates effectively with cross‑functional teams and influence stakeholders.
• Partners with IT, cybersecurity, compliance, and clinical operations teams to evaluate new systems, security enhancements, and major IT initiatives.
• Coordinates with external auditors to support reliance on internal IT audit work.