IT Audit & Compliance Program Manager

Do you crave a career that truly makes an impact in people’s lives? Do you thrive on problem-solving and finding solutions? Join a dedicated, tight-knit team that creates an immediate and meaningful impact every day.

Leidos QTC Health Services is seeking an IT Audit & Compliance Program Manager to join our Privacy Team. You will evaluate the design and effectiveness of IT controls based upon industry best-practice models in accordance with compliance requirements. You will also lead efforts to ensure compliance with Sarbanes-Oxley (SOX) requirements and manage risk across the enterprise. This position provides a systematic, disciplined approach to the analysis of operational business and governance processes to conform to standards, regulations, and risk management frameworks.

Primary Responsibilities:

• SOX Audit Leadership: Lead efforts to ensure compliance with Sarbanes-Oxley (SOX) requirements, including the design, implementation, and testing of IT controls related to financial reporting.
• Risk Management: Develop and implement risk management strategies to identify, assess, and mitigate IT-related and other enterprise risks across the organization.
• Internal IT Audits: Plan, manage, and conduct internal audits, prepare written reports of audit findings. Evaluate systems and procedures to ensure compliance with sound management practices, IT department controls, and risk frameworks.
• Control Design and Effectiveness: Assess the reliability and quality of IT controls, accounting systems, and reporting systems. Develop and implement internal control procedures to address weaknesses and ensure compliance with legal and regulatory requirements.
• IT Audit Documentation: Prepare audit work papers in accordance with generally accepted auditing standards. Document performance through narrative reports, flow charts, and spreadsheets. Prepare audit reports identifying strengths, weaknesses, findings, and recommendations.
• External IT Audit Coordination: Oversee and coordinate audits conducted by external auditors, including SOX audits. Prepare RFPs and resulting contracts for services and serve as liaison during the audit process.
• Collaboration with IT: Work closely with the Information Technology Department to develop audit programs, determine scope, and establish approaches to conducting audits within constraints of time and staff availability.
• Compliance Management: Manage, track, and report on compliance with industry standards and regulations, including HIPAA, NIST 800-53, FISMA, and SOX.
• Risk Assessment and Reporting: Manage, track, and provide regular updates to senior management on risk exposure, audit findings, and compliance status.

Required Qualifications/Competencies:

• Bachelor’s degree from an accredited college in accounting, finance, business administration, or a technology-related discipline (e.g., Computer Science, Engineering, Information Systems) or equivalent experience/combined education.
• 14 years of progressively responsible internal auditing, compliance, and enterprise risk management experience, including experience in SOX compliance and information security risk management.
• Experience working with compliance frameworks such as HIPAA, NIST 800-53, COBIT, ITIL, FISMA, and other industry standards.
• Possess one or more of the following industry-recognized security qualifications: CISA, CISM, CRISC, or CISSP.
• Strong understanding of SOX requirements and IT general controls (ITGCs).
• Awareness of common exploits, vulnerabilities, and methods to prevent them.
• Proven ability to assess and mitigate IT risks and implement effective controls.
• Excellent written and verbal communication skills, with the ability to prepare detailed audit reports and present findings to senior management.
• Must be able to successfully pass a National Agency Check with Inquiries (NACI) background investigation.

About Leidos QTC Health Services

Leidos QTC Health Services collaborates closely with government and non-government customers to address current and future program needs within the health services domain. We specialize in disability-focused medical examinations, independent medical exams and review services, occupational health services, diagnostic testing, and case management solutions. As innovators, we focus on advancing technologies that improve service delivery, with a particular emphasis on enhancing accessibility for examinees in rural communities. With a proven track record of continuous improvement and steady growth, we now handle over 2 million appointments annually. Visit www.qtcm.com for more information.

Compensation and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. As a result, we offer meaningful and engaging careers to support you and your career goals, all while nurturing a healthy work-life balance. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

This role may fall under the Service Contract Act (SCA), a federal law which provides for a U.S. Department of Labor-prescribed minimum prevailing rate of pay and certain benefit levels. Where appropriate, Company-provided benefit plans such as comprehensive leave, holiday, medical, dental, life, accident, disability coverages, retirement plan contributions, and other health and welfare benefits and payments are utilized to meet these obligations. 

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos QTC Health Services will also consider for employment qualified applicants with criminal histories consistent with relevant laws.