Director, Controls Surveillance - IRM
Express Scripts Holding Company - Saint Louis, MO
ABOUT EXPRESS SCRIPTS
Advance your career with the company that makes it easier for people to choose better health. Express Scripts is a leading healthcare company serving tens of millions of consumers. We are looking for individuals who are passionate, creative and committed to creating systems and service solutions that promote better health outcomes. Join the company that Fortune magazine ranked as one of the Most Admired Companies in the pharmacy category. Then, use your intelligence, creativity, integrity and hard work to help us enhance our products and services. We offer a highly competitive base salary and a comprehensive benefits program, including medical, prescription drug, dental, vision, 401(k) with company match, life insurance, paid time off, tuition assistance and an employee stock purchase plan. Express Scripts is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. Applicants must be able to pass a drug test and background investigation. Express Scripts is a VEVRAA Federal Contractor.
ABOUT THE DEPARTMENT
Information Security prioritizes the protection and security of all client, patient and company information and data. They do this by proactively identifying the sophisticated landscape of threat actors and environmental risks associated with unauthorized access and service disruptions. This vital group focuses on preserving system reliability and business continuity, protecting the strong brand Express Scripts has in the marketplace, and maximizing the company's defenses against external and internal threats.
The Controls Surveillance Director leads a team committed to validating the effectiveness of the various IT Control frameworks within ESI and its subsidiaries. These frameworks include Sarbanes-Oxley (SOX), Statement on Standards for Attestation Engagements 16 (SSAE 16), Payment Card Industry Data Security Standards (PCI), Health Insurance Portability and Accountability Act (HIPAA), Health Information Trust Alliance (HITRUST) CSF, and various other voluntary and mandatory requirements. This position will lead the team responsible for the planning, execution and communication related to the identification and remediation of various IT Control deficiencies. The Controls Surveillance team partners with other ESI compliance teams, the Information Risk Officers, IT, internal audit, business teams and external auditors to deliver solutions that manage risk for the entire enterprise. The Controls Surveillance Director, partnering closely with the Information Risk Officers, must also develop a compliance strategy so accountable control stakeholders are identified, educated, and prepared for their compliance obligations.
ESSENTIAL FUNCTIONS
Accountable for the successful and timely completion of all Control Surveillance team activities
Responsible for the coordination, communication, scoping, execution and reporting of all pre-audit testing of ITGCs
Developing concise and meaningful weekly / monthly risk scorecards and project summaries for management and operations teams
Frequent management briefings across IT and business
Mentors and manages the other members in the Controls Surveillance team to develop their security, audit, and technical skills
Establishment of IT Controls baseline and reporting standards
Drive the scoping activities for each Control Surveillance audit
Collaborate with partners in security, IT, compliance, the business, internal audit and external auditors to determine audit scope and identify key controls that best balance the concerns of compliance and costs
Perform control reviews, conduct risk based analysis of gaps and oversee remediation activities
Performs risk assessments and security assessments of internal control processes against established standards and best practices.
Perform compliance assessments for internal business and IT projects to ensure compliance requirements are met.
Contribute to establishing the policies and procedures necessary to ensure we meet our compliance requirements
Assists project teams in the implementation of security measures to meet corporate security policies, manage risk, and comply with external regulations, e.g., Sarbanes-Oxley, HIPAA.
Weigh business needs against compliance concerns and articulate issues and options to management
Active participation in strategic initiatives in accordance with the Information Risk Management group roadmaps
10 years of compliance or audit experience, including experience in audit or compliance for IT in at least three of the areas below:
Sarbanes-Oxley Act (SOX)
Health Insurance Portability and Accountability Act (HIPAA)
Statement on Standards for Attestation Engagements 16 (SSAE 16)
Payment Card Industry Data Security Standards (PCI)
Electronic Prescriptions for Controlled Substances (EPCS)
Audit program management experience
Experience as the lead for compliance and audit activities including direct management of the relationship with the external auditor
Knowledge of generally accepted Information Security controls (e.g. NIST 800-53, ISO 27001/27002)
Bachelor's degree in accounting, computer science, MIS, or equivalent work experience
Excellent organizational skills and ability to communicate with internal/external entities and executives
Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities
Bachelor's degree in Information Systems or related field
Big 4 experience preferred.
5 years' experience as an IT or security practitioner in any of the following domains:
General IT Security