• IT Compliance Manager

    Job Location US-TX-Austin
    Job ID
    2018-14338
    # Positions
    1
    Posted Date
    2 months ago(10/2/2018 6:30 PM)
    Category
    Information Technology (IT)
  • Why Us?

    With a mantra of Empowering Human Potential, Hanger, Inc. is the world's premier provider of orthotic and prosthetic (O&P) services and products, offering the most advanced O&P solutions, clinically differentiated programs and unsurpassed customer service. Hanger's Patient Care segment is the largest owner and operator of O&P patient care clinics nationwide. Through its Products & Services segment, Hanger distributes branded and private label O&P devices, products and components, and provides rehabilitative solutions to the broader market. Built on the legacy of James Edward Hanger, the first amputee of the American Civil War, Hanger is steeped in 150 years of clinical excellence and innovation with a vision to be the partner of choice for products and services that enhance human physical capability. Collectively, Hanger employees touch thousands of lives each day, helping people achieve new levels of mobility and freedom.

     

    Hanger, Inc. is an equal opportunity employer - female/minority/disability/vet.

    Could This Be For You?

    The IT Risk Manager position at Hanger is part of the Corporate IT Security function. This role is primarily responsible for ensuring IT risks are managed in a consistent and integrated manner across various IT divisions. The IT Risk Manager will manage all aspects of IT risks within supported IT businesses. The successful candidate will have extensive experience in IT Risk, Compliance and Audit in a healthcare organization. The position will require the ability to effectively conduct IT risk audits, manage ITGC’s and manage multiple priorities efficiently while demonstrating excellent time management skills.

    Your Impact

    • Define, implement, operate and enforce appropriate controls throughout the IT organization, based on policies and standards developed by the IT Risk and Security team and Enterprise Architects.
    • Deliver best practice execution, interpretation and compliance with IT security policies and procedures, including Sarbanes Oxley (SOX) and risk management approaches.
    • Work directly with Internal Audit to ensure proper accounting of SOX documentation for ITGC’s to include IT Risk Control Matrix, ITGC Process Narratives, facilitate ITGC testing, mitigation and reporting.
    • Evaluate/interpret SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on the objective / intent of the requirements.
    • Direct access reviews across all applications and systems to help better understand where unauthorized access is granted and can be removed.
    • Evaluate control deficiencies and track remediation to completion. Identify key IT risks and mitigation strategies.
    • Ensure compliance is in place for relevant security policies and procedures, including regulatory and legal requirements.
    • Responsible for understanding key controls for all in-scope IT processes. This includes ITGC testing, including test criteria/attributes as necessary. This also includes coordinating with the Process Owners to obtain the necessary documents for testing.
    • Inform CISO, IT and Hanger business stakeholders of any issues that may severely impact IT security or risk.
    • Work closely with the team to facilitate cross-functional coordination across various project plans and make sure that the scope and direction of each project is on schedule.
    • Work with managers of various business units to coordinate responses and develop action plans, as necessary, to respond to deficiencies and/or recommendations noted from internal, external audits, regulatory examinations, as well as deficiencies self-identified by management
    • Manage the IT security aspects of the disclosure of sensitive information or data to third parties
    • Manage and monitor the information security risk management process for IT services to define and implement an appropriate level of confidentiality, availability and integrity of Hanger data and systems for each service.
    • Participate and co-operate in internal and external security audits as required.
    • Champion security policies and standards within and outside Hanger IT as essential components in the delivery of IT to the business.
    • Lead, motivate, develop and appraise IT Risk team members so that their individual and collective performance is of the required standard and meets the current and future needs of the Hanger business.

    Minimum Qualifications

    • Bachelor’s Degree 
    • Minimum of 5 years of experience in IT risk management, audit, and/or compliance and knowledge of industry Risk and Control frameworks (e.g. COSO, COBIT, NIST, ISO)
    • Minimum of 5 years of SOX IT Controls and exposure to Security or IT audit activities
    • Minimum of 5 years of experience in operating, monitoring and enforcing security policies, standards, tools, controls and systems in large scale organizations
    • Minimum of 5 years of managing high performing teams.

     

    Additional Success Factors

    • Demonstrable understanding of information security and control principles and technology
    • Demonstrates excellent communication skills (written, verbal, presentation), context, content, audience, etc. and able to communicate with technical and not-technical personnel security risk and mitigation options. CISSP, CISA, or CISM preferred 
    • Considerable knowledge and experience in multiple aspects of information security and risk operations
    • Credibility and independent judgment and decision-making responsibilities on all information security matters
    • Ability to maintain current knowledge of all relevant security technology, operations and management developments and seek opportunities to deliver new technologies that benefit the Hanger business
    • Ability to operate effective security solutions that meet functional, technical, and performance requirements
    • Excellent performance management skills with the ability to coach direct reports to develop their capabilities
    • Relationship management skills, ability to build and create a strong internal network across levels within Hanger
    • Acknowledged as an expert in IT security threats and control strategies to cope with them
    • Act with integrity in all ways and at all times, remaining honest, transparent, and respectful in all relationships.
    • Keep the patient at the center of everything that you do, building lifelong trust.
    • Foster open collaboration and constructive dialogue with everyone around you.
    • Continuously innovate new solutions, influencing and responding to change.
    • Focus on superior outcomes, and calibrate work processes for outstanding results.

     

    Our Investment in You

    • Competitive salary.
    • Competitive health and insurance benefits.
    • Annual target bonus or commission.
    • Paid vacation and sick time.
    • Frequent company update talks with our leadership team.

     

     

    Hanger, Inc. is committed to providing equal employment opportunity in all aspects of the employer-employee relationship. All conditions and privileges of employment are administered to all employees without discrimination or harassment because of race, religious creed, color, age, sex, sexual orientation, gender identity, national origin, religion, marital status, medical condition, physical or mental disability, military service, pregnancy, childbirth and related medical conditions, special disabled veteran status, or any other classification protected by federal, state, and local laws and ordinances. The Company will comply fully with all applicable state or local fair employment laws that forbid discrimination or harassment on the basis of other protected characteristics. Retaliation against any employee for filing or supporting a complaint of discrimination or harassment is prohibited.​​

     

    #cb

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed