Manager, IT Risk and Controls DescriptionIf you want to achieve more in your mission of health care, you have to be really smart about the business of health care. Challenge yourself, your peers and our industry by shaping what health care looks like and doing your life's best work.(sm) Position SummaryWe are seeking a Manager, IT Risk and Controls for our Eden Prairie, Minnesota location responsible for performing annual and ongoing IT audit risk assessments. Facilitate planning IT audits. Determine audit scope and approach based on the risk assessments. Demonstrate and apply a clear understanding of internal control technical and regulatory requirements, including SOX, MAR, FDICIA, and SSAE16. Plan, initiate, and manage IT audit projects. Serve as liaison between business and technical aspects of projects. Plan project stages and assess business implications for each stage. Monitor progress to assure deadlines, standards, and cost targets are met. Implement initiatives to drive continuous improvement of financial reporting, in compliance with regulatory requirements including SOX and SSAE 16. Provide IT and internal audit advisory and assurance services. Work with Service Organization Control (SOC) reporting frameworks, financial statements, audit support, ERP implementation assessments, and IT and business process control assessments. Develop and implement ERP and Database technical audits, UNIX, LINUX, Windows, Mainframe technical audits, and business process testing. Responsible for identification and assessment of access and IT security controls, review of system development methodologies, and evaluation of program change controls and operational controls. Develop and maintain a collaborative relationship with Internal Audit and other risk and control professionals across the organization. Will ensure IT audit procedures completed by audit firms address the objectives, scope and risks of the audit program, and review documentation for adherence to expected standards and guidelines. Review all testing results and related conclusions. Prepare and educate business partners and control owners on requirements and expectations for IT internal controls assessments. Develop strong relationships with key business stakeholders to develop a thorough understanding of the business, and relevant IT risks and core processes. Manage team members, including performance reviews, skills assessment and development, and career mentoring. Ensure successful execution of the quarterly SOX self-certification process. Support management of ad-hoc projects to deliver improved processes and controls as requested by the business. Ensure accurate and timely reporting of control activities to the Director of IT Internal Controls and to business stakeholders. Support governance of the Optum's SSAE 16 and Control Reporting program including testing coordination with external auditor firms, business case review, and sign-off for newly proposed SSAE 16 or Control Report requests. Assist in monitoring and implementing new regulatory guidance in coordination with the external audit firms and the business owners. Manage a team of 2-3 Consultants and Senior Consultants, including performance reviews, skills assessment and development, and career mentoring.
QualificationsBachelor's degree or equivalent in Management Information Systems, Computer Science, or a related field. Must have 5 years related progressive, post-baccalaureate experience. Must also have 5 years of experience (which may have been gained concurrently) with each of the following: 1) Implementing initiatives to drive continuous improvement of financial reporting, in compliance with regulatory requirements including SOX and SSAE 16. 2) Providing IT and internal audit advisory and assurance services. 3) Service Organization Control (SOC) reporting frameworks, financial statements, audit support, ERP implementation assessments, and IT and business process control assessments. 4) Developing and implementing ERP and database technical audits, UNIX, LINUX, Windows and Mainframe technical audits, and business process testing. 5) Identification and assessment of access and IT security controls, review of system development methodologies, and evaluation of program change controls and operational controls. 6) Managing team members, including performance reviews, skills assessment and development, and career mentoring. 7) Must have CISA, CISSP or HCISPP professional certification. Employer will accept experience gained concurrently.Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make health care work better for everyone. So when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's best work.(sm) Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
Our mission is to help people live healthier lives and to help make the health system work better for everyone.- We seek to enhance the performance of the health system and improve the overall health and well-being of the people we serve and their communities. - We work with health care professionals and other key partners to expand access to quality health care so people get the care they need... at an affordable price. - We support the physician/patient relationship and empower people with the information, guidance and tools they need to make personal health choices and decisions.