Senior It Auditor Jobs

Ready to help us transform healthcare? Bring your true colors to blue.
***This position is eligible in the following personas: E-Worker, Mobile and Resident***
What we need
Internal Audit is part of the Audit, Risk Management, and Information Security (ARMIS) division, which is responsible for identifying, evaluating, and ensuring effective risk management. The Senior Auditor – IT and Security Audit reports to the Manager of IT and Security Audit and has the responsibility to plan, lead, and execute testing of IT and Security compliance audits including Model Audit Rule (MAR), HITRUST, Service Organization Control 1 and 2 (SOC1 and SOC2) type 2 audits, and other compliance and regulatory audits. This position collaborates with other associates and senior auditors to deliver operational readiness reviews, business risk assessments, and focused or targeted audits and procedures. The Senior Auditor – IT and Security Audit may also collaborate with the Financial Operations Audit team to perform IT related aspects of financial audits.
Your Day to Day:
1. Works under the direction of the audit manager to plan, conduct, support, and close engagements assigned within the overall audit plan. This includes the Model Audit Rule (MAR), SOC1, SOC2, and HITRUST requirements as well as other focused audits and consulting/advisory engagements.
2. Communicates progress, risks, issues, and changes proactively to leadership. Works with management to obtain responses and action plans.
3. Works with other audit team members to drafts audit communications including senior leadership dashboards, findings, process improvements, audit reports and other deliverables in alignment with ARMIS policies and procedures.
4. Ensures work is completed based on established policies and procedures, governmental regulations, and standards to ensure the design and operational effectiveness of internal controls.
5. Performs cross-functional control testing work and/or participates in projects with other teams within the ARMIS group (as needed).
This document is not an exhaustive list of all responsibilities, skills, duties, requirements, or working conditions associated with the job. Employees may be required to perform other job-related duties.
We’re Looking for:
Demonstrated ability to effectively collaborate with others and serve as contributing member of a project team.
Capable of dealing with and/or escalating problems that arise within the team or with the stakeholders while remaining in compliance with the BCBSMA code of conduct and employee handbook.
Ability to be flexible and reprioritize assignments and tasks based on personal assessments, deadlines, newly discovered (emerging) risks, and feedback from leaders.
Effective time and project management skills; must be reliable and able to handle multiple project assignments, deadlines, and tracking/monitoring/timely communication of project issues.
Ability to identify risks and formulate proposed action steps to be discussed with management.
Ability to develop and maintain positive relationships with peers, management, and external parties.
Ability to independently design audit work on low to med complexity projects. Completes projects that are complex (with appropriate leader input). Able to clearly and concisely populate risks and issues in risk register/issue log and work with management to obtain responses and action plans.
Ability to negotiate with ARMIS associates and BCBSMA stakeholders to reach agreement on findings, consensus on remediation timelines, and updates on action plans for closure of audit issues.
Capable of providing a detailed and meaningful performance assessment for each associate that is assigned to their project.
Advanced writing, presentation, and public speaking skills.
Proficient with Microsoft Office (Word, Excel, Access, Power Point, and Visio).
Data analytics, querying language, or programming language knowledge or experience is a plus.
What You Bring:
Bachelor's degree or equivalent experience in an IT or related field; graduate degree is a plus but not required.
Minimum 2-4 years of audit experience; experience with an audit firm and/or within healthcare are preferred.
Minimum 2 years of experience with general internal control requirements and frameworks, in-depth understanding of IT operations leading practices, and automated financial and information technology procedures and controls.
IT audit or security certification (such as CISA, CRISC, or CISSP) is strongly preferred.
#LI-REMOTE
Minimum Education Requirements:
High school degree or equivalent required unless otherwise noted above
Location Boston Time Type Full time
Salary Range: $93,420.00 - $114,180.00
The job posting range is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee’s pay position within the salary range will be based on several factors including, but limited to, relevant education, qualifications, certifications, experience, skills, performance, shift, travel requirements, sales or revenue-based metrics, and business or organizational needs and affordability.
This job is also eligible for variable pay.
We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and a suite of well-being benefits to eligible employees.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.
WHY Blue Cross Blue Shield of MA?
We understand that the confidence gap and imposter syndrome can prevent amazing candidates coming our way, so please don’t hesitate to apply. We’d love to hear from you. You might be just what we need for this role or possibly another one at Blue Cross Blue Shield of MA. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be brilliant. We encourage you to bring us your true colors, , your perspectives, and your experiences. It’s in our differences that we will remain relentless in our pursuit to transform healthcare for ALL.
As an employer, we are committed to investing in your development and providing the necessary resources to enable your success. Learn how we are dedicated to creating an inclusive and rewarding workplace that promotes excellence and provides opportunities for employees to forge their unique career path by visiting our Company Culture page. If this sounds like something you’d like to be a part of, we’d love to hear from you. You can also join our Talent Community to stay “in the know” on all things Blue.
At Blue Cross Blue Shield of Massachusetts, we believe in wellness and that work/life balance is a key part of associate wellbeing. We provide a flexible hybrid work model in which roles are designated as resident (on site 4-5 days/week), mobile (on site 1-3 days/week), or eworker (on site 0-3 days/month).