**Primary City/State:**
Phoenix, Arizona
**Department Name:**
Internal Audit
**Work Shift:**
Day
**Job Category:**
Finance
Great careers are built at Banner Health. There’s more to health care than doctors and nurses. We support all staff members as they find the path that’s right for them. Apply today, this could be the perfect opportunity for you.
Becker’s Healthcare recently honored Banner as one of 150 top places to work in health care for 2024, we are proud to offer our team members many career and lifestyle choices throughout our network of facilities. At Banner Health, we’re excited about what the future holds for health care. That’s why we’re changing the industry to make the experience the best it can be. If you’re ready to change lives, we want to hear from you.
This role is Hybrid working from home with an expectation to be onsite at the Phoenix Corporate Office 3-4 times a month. There is also potential for periodic travel to other locations to perform on site reviews. In this role you will coordinate, plans, and executes audits by working with managers and process owners to develop audit programs that document, assess, and test the effectiveness of key internal controls.
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
POSITION SUMMARY
This position is part of the organization's internal audit functions, with responsibilities including assessing key IT risks to the organization, planning IT related audits and evaluating the design and operating effectiveness of internal controls. Communicates audit results effectively, while providing meaningful recommendations and assisting management in developing risk mitigation action plans to strengthen the internal control environment for the organization. Works very closely with management and cooperatively with other departments (e.g. Compliance, Risk Management) and other service providers to ensure the timely completion of audits, projects and implementation of remediation action plans. This position will develop and execute audits to evaluate IT related controls and management mitigation actions plans to address risks and audit findings.
CORE FUNCTIONS
1. Audits IT processes and controls with a deep understanding of IT risk and control frameworks (example, COSO, CoBIT, ISO, NIST, PCI DSS).
2. Plans and executes IT related audits such as ITGCs, Application controls reviews, system configuration reviews, as well as perform Information Technology and Security risk assessments. Assessments include but not limited to access management; security policies and standards; security architecture; threat and vulnerability management; computer and data breach incident management; data protection; 3rd party/vendor management; security monitoring; security operations and administration; business continuity; disaster recovery; cloud security, cyber security; data security; network security; system security, technology operations and security awareness.
3. Coordinates, plans, and executes audits by working with managers and process owners to develop audit programs that document, assess, and test the effectiveness of key internal controls.
4. Communicates the audit plan and process so that those being audited understand the requirements and expectations. Listens effectively throughout the audit process in order to effectively evaluate the risks and controls. Communicates audit results throughout the audit life cycle with and management and issue final audit reports with minimum re-work and support of management.
5. Facilitates and/or provides advisory services to assist auditee in developing their mitigating plans to address audit findings and risks identified. Responsible for managing assigned audit findings and ensure remediation plans are completed by management on time to effectively mitigate the risk
6. Provides support to external technology, financial, compliance, and operational auditors in the performance of the audits they have been engaged to perform. This includes working and serving as liaison to technology and key business partners to ensure alignment and ongoing communication on security controls and risk mitigation.
7. This position interacts with a multitude of directors, managers and staff throughout the system depending on the area that is being audited. The diversity of areas that may be audited is significant. These areas range from Banner executives to operational management and staff, to executives and managers with external partners or companies, clinical departments such as pharmacy to the accounting treatment of specific transactions. The position will be required to work cooperatively with various external auditors.
MINIMUM QUALIFICATIONS
Requires a Bachelor's degree in Information Technology, Computer Science, Business, Accounting, Finance or other relevant field or equivalent experience.
Must possess one of the following certifications within 12 months of hire: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), Certified in Risk and Information Systems Control (CRISC) and/or Cloud/AI Certifications from AWS/Azure.
Must possess a proficiency level in analyzing and documenting business process controls, identifying risk and performance as generally achieved in five plus year’s public accounting and/or internal audit experience. Relevant experience in improving internal control processes is a job requirement. A solid track record of demonstrated career achievements and academic excellence are expected. The successful candidate should demonstrate excellent communication skills (both oral and written) and strong technical audit skills.
PREFERRED QUALIFICATIONS
Master's degree and/or professional designations such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE), CISM, CRISC, CGEIT, CRMA are preferred. Also, knowledge of healthcare regulations (e.g. CMS, HIPAA, PCI, etc.) and health plans are a plus.
Additional related education and/or experience preferred.
**EEO Statement:**
EEO/Female/Minority/Disability/Veterans (https://www.bannerhealth.com/careers/eeo)
Our organization supports a drug-free work environment.
**Privacy Policy:**
Privacy Policy (https://www.bannerhealth.com/about/legal-notices/privacy)
EOE/Female/Minority/Disability/Veterans
Banner Health supports a drug-free work environment.
Banner Health complies with applicable federal and state laws and does not discriminate based on race, color, national origin, religion, sex, sexual orientation, gender identity or expression, age, or disability