Audit Analyst IV, IT

Description: Job Summary:

This position is remote however candidates must reside in the States that we operate in including; CA, HI, OR, WA, CO, MD and GA. In addition to the responsibilities listed below, this position is responsible for monitoring the progress of IT audit testing based on an approved test strategy, supporting test planning with Internal Audit Services, reporting the information out to appropriate parties as required, and assisting in managing/performing testing and general work paper reviews as required. This position will also support the IT control certification process and assist team members in the creation of documentation regarding IT control standards and guidance; developing stakeholder relationships across the organization to ensure a sustained understanding of IT control requirements in areas such as documentation and evidence; demonstrating an understanding of how business controls rely on applications; and conveying this understanding to both business and IT stakeholders. This position is also expected to participate in special projects and process improvement priorities in support of department objectives.

Essential Responsibilities:

• Practices self-development and promotes learning in others by proactively providing information, resources, advice, and expertise with coworkers and customers; building relationships with cross-functional stakeholders; influencing others through technical explanations and examples; adapting to competing demands and new responsibilities; listening and responding to, seeking, and addressing performance feedback; providing feedback to others; creating and executing plans to capitalize on strengths and develop weaknesses; supporting team collaboration; and adapting to and learning from change, difficulties, and feedback.


• Completes work assignments and supports business-specific projects by applying expertise in subject area; supporting the development of work plans to meet business priorities and deadlines; ensuring team follows all procedures and policies; coordinating resources to accomplish priorities and deadlines; collaborating cross-functionally to make effective business decisions; solving complex problems; escalating high priority issues or risks as appropriate; and recognizing and capitalizing on improvement opportunities.


• Supports assessment of organizational activities designed to add value and improve the organizations operations by identifying and evaluating risks and controls; and recommending improvements for the processes in focus.


• Leads or manages the field execution of diverse audits, reviews, and special projects by identifying key risks and assessment of project scope alternatives to identify an appropriate testing approach; leading the planning, scheduling, and field supervision of assigned projects; reviewing work papers or other documentation; and adhering to professional standards.


• Participates in department initiatives.

Minimum Qualifications:

• Bachelors degree in business or related field AND Minimum five (5) years audit or related business experience. Additional equivalent work experience in a directly related field may be substituted for the degree requirement.

Additional Requirements:

Preferred Qualifications:

• A minimum of 3 years of Cybersecurity experience performing assessments/audits or implementing security processes, controls and safeguards.
• Ability to perform as part of a team and work with external consultants to perform audits of Cybersecurity processes and controls.
• Demonstrated ability to explain and educate business unit and IT professionals about Cybersecurity controls, industry standards and related risks.
• Understanding of risk and control frameworks such as NIST Cybersecurity Framework and NIST 800-53.
• Excellent communicator with strong client relationship focus with business sponsors, enterprise architects, and information security engineers to articulate business case and technology options.
• Certified Information Systems Security Professional (CISSP), or Certified Information Security Management (CISM) certifications, HealthCare Information Security and Privacy Practitioner (HCISPP), HITRUST, Payment Card Industry Qualified Security Assessor/Internal Security Assessor (PCI QSA or ISA), Certified Cloud Security Professional (CCSP).
• Experience performing assessments/audits using NIST Cybersecurity Framework or NIST800-53 special publication.

Primary Location: California,Oakland,Ordway
Additional Locations:

California Service Center, 3840 Murphy Canyon Rd., San Diego,California, 92123
East Annex - Parsons, 75 N. Fair Oaks Ave., Pasadena,California, 91103
Kaiser Permanente Building, 500 NE Multnomah St., Portland,Oregon, 97232
Regional Admin Low Rise, 711 Kapiolani Blvd., Honolulu,Hawaii, 96813
Regional Office - 9 Piedmont, 9 Piedmont Center 3495 Piedmont Rd. NE, Atlanta,Georgia, 30305
Rockville Regional Offices, 2101 E. Jefferson St., Rockville,Maryland, 20852
Waterpark II, 2530 S. Parker Rd., Aurora,Colorado, 80014
Renton Administration - Adams, 2921 Naches Ave. SW, Renton,Washington, 98057
Scheduled Weekly Hours: 40
Shift: Day
Workdays: Mon, Tue, Wed, Thu, Fri
Working Hours Start: 08:00 AM
Working Hours End: 05:00 PM
Job Schedule: Full-time
Job Type: Standard
Worker Location: Remote
Employee Status: Regular
Employee Group/Union Affiliation: NUE-PO-01|NUE|Non Union Employee
Job Level: Individual Contributor
Specialty: Audit
Department: Po/Ho Corp - PO FIN-Internal Audit SVCS - 0308
Pay Range: $110000 - $142340 / year The ranges posted above reflect the location in the job posting. The salary range may vary if you reside in a different location or state than the location posted.
Travel: Yes, 15 % of the Time
Remote: Work location is the remote workplace (from home) within KP authorized states. Worker location must align with Kaiser Permanente's Authorized States policy. At Kaiser Permanente, equity, inclusion and diversity are inextricably linked to our mission, and we aim to make it a part of everything we do. We know that having a diverse and inclusive workforce makes Kaiser Permanente a better place to receive health care, a more supportive partner in our communities we serve, and a more fulfilling place to work. Working at Kaiser Permanente means that you agree to and abide by our commitment to equity and our expectation that we all work together to create an inclusive work environment focused on a sense of belonging and wellbeing.

Kaiser Permanente is an equal opportunity employer committed to a diverse and inclusive workforce. Applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), age, sexual orientation, national origin, marital status, parental status, ancestry, disability, gender identity, veteran status, genetic information, other distinguishing characteristics of diversity and inclusion, or any other protected status. Submit Interest

---