Compliance Operations Analyst, Lead Job in Pleasanton, California US
Compliance Operations Analyst, Lead
The SOX and Compliance Consultant Lead provides subject matter expertise from a technical, project management and business consulting perspective in support of Care Delivery BIO SOX and Compliance activities. Members of this team work across a number of Compliance-related initiatives to ensure appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet audit and compliance expectations (e.g., SOX, PCI, HIPAA, etc.), operating efficiency goals, and other business objectives.

The continued evolution of Health Care reform has driven unprecedented changes in the regulatory and Compliance landscape within the Health Care industry. In the Care Delivery BIO, you will be responsible for partnering with business and technology constituencies to address these evolving challenges by embedding risk management and compliance management competencies into day-to-day activities. The success of this team requires dedicated professionals who possess the analytical, feasibility, relationship and executive summary skills needed to form highly reliable risk management strategies to meet various SOX/Compliance requirements.

At the Business Consultant - Lead level you will provide advanced compliance analysis and consultation for the Care Delivery BIO SOX and Compliance Organization. In addition, you will possess the analytical, feasibility, business case and executive summary skills needed to form highly reliable risk management strategies to meet various compliance requirements.

Essential Functions:
- Developing an in-depth understanding of the broad regulatory landscape impacting KP business areas. Remain current with emerging regulatory sentiments as well as solution trends in the marketplace.
- Assessing the impact of laws and regulations on KP systems and technology. Work with other risk organizations to shape organizational control policies and standards.
- Perform risk/security assessment studies to validate perceived risks. Perform interviews, document design assessments, and walkthroughs of key controls (both new and existing).
- Participate in cross-functional remediation teams in developing processes using requirements gathered from clients and engineering.
- Exhibit pragmatism in formulating process remediation and implementation strategies, implementing work tracks, and submitting assessment findings and recommendations.
- Design sustainment strategies and measurement systems to ensure that Compliance requirements can continue to be maintained over time.
- Develop and nurture trusted relationships with Business Partners, KP IT Executives, Security Compliance Officers and other Compliance Team Members to gain consensus approvals on strategies, recommendations, findings, project plans, etc.
- Serve as Operations Analyst for the CD BIO SOX Compliance Team, supporting operations work streams such as: change population submission/annotation, control self assessment, document management, TIR support and evidence management, process map oversight, annual SOX certification.

Day-to-day tasks include information gathering, documenting existing processes, follow-up and resolution of issues and recommendations in support of compliance operations; produce executive summary presentations. Other tasks will include working with other members of the SOX Compliance team, supporting the various application groups in the Care Delivery BIO. Work proactively with Compliance Program Managers to resolve issues.

Qualifications:

Basic Qualifications:
- Bachelor's degree in related field and/or 4 years of equivalent experience.
- 8+ years of experience in analysis of business processes and business case development to support IT solutions.
- 3+ years technology risk management experience (e.g. Audit, Compliance, etc.) in a Public Accounting firm or a highly regulated industry. This would include the following disciplines: 1) Current information security and compliance vendor landscape 2) Control frameworks such as COBIT and COSO 3) Regulatory requirements, in particular HIPAA, SOX, PCI-DSS, Privacy.
- Candidate should demonstrate versatility with a track record of experience in interpretation and application of a broad spectrum of regulatory imperatives.
- Experience in performing broad scale, complex IT audit and compliance assessments with a strong preference for prior experience with one or more of the following disciplines: network security, configuration management, privacy, and access management.
- Excellent written and verbal communication skills.
- Strong client relationship focus with business sponsors, enterprise architects, and information security engineers to articulate business case and technology options.
- Candidate functions effectively as an individual contributor.
- Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to healthcare.
- The Business Consultant Lead will be required to know or learn the KP-IT program and process methodology and to execute it within the established KP and KP-IT organizational framework and oversight processes.
- Excellent MS Office skills especially in Excel, PowerPoint and Word.

Preferred Qualifications:
- Certified Information Security Analyst/Manager (CISA/M) designation.
- Experience in internal consulting and customer account management; defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus.
- Strong information security background including current vulnerabilities