Technical Program Manager, IT Compliance
- Posted: over a month ago
Oscar is a small, fast-paced team using technology to revolutionize healthcare. As a Technical Program Manager, IT Compliance, you'll play a key role in helping Oscar use cutting-edge technology to solve problems while maintaining regulatory compliance.
You'll be a pivotal part of our IT Governance team, focused on driving both our compliance and audit programs. You'll work with teams from engineers to auditors to identify project scope, build a plan, and execute to completion.
You'll work on projects related to Sarbanes–Oxley (SOX), MAR, SOC 1, SOC 2, HIPAA Controls, Risk Assessments, and other health care, privacy, and financial regulatory compliance standards.
As a TPM, you will need to be adaptable, collaborative, and able to deal with ambiguity, and you will need a great understanding of how complex cloud-native systems work.
You will report into a leader in our IT Governance team.
This is a remote / work-from-home role. You must reside in one of the following states: Arizona, California, Connecticut, Florida, Georgia, Illinois, Maryland, Massachusetts, Michigan, New Jersey, New Mexico, New York, North Carolina, Ohio, Oregon, Pennsylvania, Rhode Island, Tennessee, Texas, Utah, Virginia, or Washington. Note, this list of states is subject to change.
- Technical. You have hands-on practical, technical experience that covers engineering fundamentals. You can talk to engineers and translate the audit requests and IT Controls into user stories with acceptance criteria. You have experience with Cloud-native environments on AWS or GCP.
- Experienced. You have worked in a technical project or program management role for 5+ years related to IT Audit, IT Compliance, or health care regulatory compliance with full understanding of COBIT Controls. (Experience with specific Sarbanes–Oxley (SOX), MAR, SOC 1, SOC 2, and/or HIPAA Controls a plus).
- Organized. You are a natural at both team-level project management and broader program management. You know how to measure towards a deadline and can produce easy-to-understand reports for various stakeholders.
- Collaborative and Empathetic. You love helping engineers, IT, product managers, security, data engineers, and other teams around you do their best work. You solve problems with others using clear communication and structured thinking.
- A fast learner. Healthcare is complicated; you're excited to get into the details and find smart solutions. You are hands-on and willing to jump in to get the work done.
- An end-to-end thinker. You can look at a problem and create a solution all the way from top-level goals to nitty-gritty details.
Your day-to-day will include:
- Work internally with engineers, product managers, data scientists, internal auditors, risk, security, compliance, & legal to drive projects and initiatives related to regulatory compliance
- Work externally with vendors, external auditors, and partners to ensure IT Compliance requests are managed effectively with clear understanding of timelines and requirements
- Organize audit findings and observations related to IT/Tech, determine ownership and coordinate remediations through to completion
- Act as the security, privacy, and IT controls expert in a variety of different technical infrastructure systems
- Support our technical leadership (like our CTO) with appropriate reporting and clear status of where we are in our regulatory controls projects or audits
- Define and update official IT/Tech policies and procedures to ensure we are applying the correct controls
- Help teams across engineering and IT identify ways to increase compliance automation
- Help put in place and execute IT Audit checks of our SDLC, Incident Management, and other policies and procedures to catch issues before they arise
- Act as a thought leader for IT Governance, Audit, and Controls frameworks advising our team on what we should focus on next
- 5+ years' relevant work experience in program management with IT audit focus
- Experience working with software engineers and in a software development organization
- Experience auditing IT processes, applications and infrastructure (servers, databases, data centers, firewalls, etc.)
- Knowledge of COSO and COBIT control models
This is an authentic Oscar Health job opportunity. Learn more about how you can safeguard yourself from recruitment fraud here.
Life at Oscar:
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves and find both belonging and support. We're on a mission to change health care -- an experience made whole by our unique backgrounds and perspectives.
We aim to make health care affordable and accessible for all, and apply this same vision to our perks and benefits, including: medical benefits, generous paid-time off, paid parental leave, retirement plans, company social events, stocked kitchens, wellness programs, and volunteer opportunities.
Oscar applicants are considered solely based on their qualifications, without regard to applicant's disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (email@example.com) to make the need for an accommodation known.
To protect the health and safety of our employees, we require any employee conducting in-person work* to be fully vaccinated against COVID-19 by their start date. If you are unable to be vaccinated due to medical or protected religious reasons, please reach out to our Benefits team at firstname.lastname@example.org to submit an accommodations request.
*Note: In-person work includes: employees required to work from our offices, employees conducting sales work in the field and employees conducting at-home or in-person visits with members.
Address: New York, NY