At Owens & Minor, we are a critical part of the healthcare process. As a Fortune 500 company with 50+ facilities across the US and 18,000 teammates in over 90 countries, we provide integrated technologies, products and services across the full continuum of care.

Customers-and their patients-are at the heart of what we do.Our mission is to empower our customers to advance healthcare, and our success starts with our teammates. Owens & Minor teammate benefits include:Medical, dental, and vision insurance, available on first working day401(k), eligibility after 30 days of employmentEmployee stock purchase planTuition reimbursementDevelopment opportunities to grow your career with a global companyJOB SUMMARYResponsible for contributing to the successful execution of the annual IT SOX Audit.

Enforce all internal IT policies and confirm the organization acts in accordance with ITGCs, application controls, and applicable laws and regulations. Coordinate with External Audit, Internal Audit, and Management to conduct risk evaluations, execute walkthroughs, perform testing, and remediate identified deficiencies. Organize training programs and participate in the automation of manual review processes.

Bring shadow IT processes developed by the business under IT standards and governance. Develop and maintain positive, effective working relationships between IT and business stakeholders by communicating IT activities, changes, educational materials, and other information.ESSENTIAL DUTIES AND RESPONSIBILITIESMotivated self-starter with a commitment to personal and professional improvementLead and complete audits (primarily SOX), ensuring timely execution of projects to agreed service levels, and proactively identify and minimize the probably of risk occurrencesAccountable for Management Reviews including Separation of Duties and Account Reviews (user, non-employee, administrative/privileged accounts, service accounts, servers, databases, etc.

)Interact with all IT groups as a subject matter expert in IT compliance and privacy regulations and associated audits including, but not limited to, SOX, HIPAA, HITRUST and CCPA (California Consumer Privacy Act)Manage IT compliance initiatives and projects to ensure all regulatory audit and compliance requirements are met throughout the organizationDetermine technology and process requirements to implement audit and compliance strategiesApply in-depth knowledge of functional aspects of information systems security, risk management, and complianceAssess Apria's IT environment against industry best practices and evolving compliance legislation or standards and lead the implementation of required changes or improvementsAutomate manual Access Reviews by performing project management, configuration, and testing activities within the Saviynt Identity Governance and Administration moduleRobust technical background with a deep understanding of implementing and assessing controls in complex cloud and legacy environmentsStrong skills in security principles such as least privilege access, defense in depth, and preventative vs. detective controlsProven track record of success/completion of healthcare compliance initiatives in a large, technology-driven organizationCreate effective working relationships through open and timely information sharing and effective collaboration with internal and external customers to deal with ambiguity and establish clear strategyDevelop and maintain key relationships with IT Business Partners and core teams to gain oversight on new initiatives, manage cybersecurity risks, and promote a risk aware cultureOTHER DUTIESPerforms other duties as required, including but not limited to, providing assistance to IT Risk & Compliance Managers and DirectorsSUPERVISORY RESPONSIBILITIESYesMINIMUM REQUIRED QUALIFICATIONS Education and/or ExperienceBachelor's Degree in a related field - preferably Accounting, Finance, Management Information Systems, or Computer Science - or 9 years of progressive work experience in the IT Audit Technology space2-3 years supervisory experienceProven experience with SOX, HIPAA, CCPA (California Consumer Privacy Act), NIST, ISO, and COBITFamiliarity with auditing widely used server, platform, database, and end point technologies (eg Windows Server, Unix/Linux, SQL Server, Oracle DB, VMWare), as well as cyber security conceptsUnderstanding of IT Governance and IT Risk Management conceptsExperience managing and leading teams effectivelyOutstanding communication (both spoken and written) and people skillsExperience managing large-scale projects in a team-oriented cross-organizational environment (this level of experience to have been gained by several years of information systems organizations)Knowledge and working experience with privacy regulations, security audit/review processes, and applying corporate and federally mandated policiesDemonstrated ability to apply assessment measurement and evaluation techniques to ensure processes, systems, and applications meet business needsSpecific experience in the health care industry is desirableCertificates, Licenses, Registrations or Professional DesignationsCISA requiredSKILLS, KNOWLEDGE AND ABILITIESEssential Skills and AbilitiesExcellent interpersonal, oral/presentation and written communications skills in both technical and non-technical languageConceptual and analytical thinker; able to understand, analyze and synthesize complex business and technology issues and strategiesAbility to assist in Business Process Analysis for continuous process improvementAbility to define problems, collect data, establish facts and draw valid conclusionsAbility to lead design solution sessions including its documentation and communicating solution to the business and stakeholdersWeigh business risks and enforce appropriate IT security policies and practices while maintaining the speed delivery that is inherent in a fast-paced companyStrong judgment and decision-making skills; be self-motivated with the ability to work independently and in teams with minimal direction but willingness to seek advice/assistanceFlexible and adaptable process-oriented work style; strong demonstrated work ethic; personal time management skillsDemonstrated work ethic that emphasizes customer focus, quality and continuous improvementTechnical SkillsExceptional PC skills, especially Microsoft Office suiteAuditBoard experienceSharePoint and Box design skills and managementData analysis and visualizationAbility to learn and effectively utilize new software and applicationsExposure to Saviynt or other IGA softwareLanguage SkillsEnglish (reading, writing, verbal)Mathematical SkillsBasic level mathematical proficiency, with a strong ability to understand, interpret and develop spreadsheet data.PHYSICAL DEMANDSThe employee uses computer and telephone equipment.

Specific vision requirements of this job include close vision and distance vision. Must be able to travel by plane and automobile (if applicable).The physical demands and work environment characteristics described above are representative of those an employee encounters while performing the essential functions of this job.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.If you feel this opportunity could be the next step in your career, we encourage you to apply. This position will accept applications on an ongoing basis.

Owens & Minor is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, sexual orientation, genetic information, religion, disability, age, status as a veteran, or any other status prohibited by applicable national, federal, state or local law.SummaryLocation: Mechanicsville, VA; Charleston, WV; Madison, WI; Olympia, WA; Montpelier, VT; Nashville, TN; Pierre, SD; Columbia, SC; Providence, RI; Harrisburg, PA; Richmond, VA; Salem, OR; Oklahoma City, OK; Columbus, OH; Albany, NY; Carson City, NV; Santa Fe, NM; Remote - United States; Trenton, NJ; Concord, NH; Bismarck, ND; Helena, MT; Jackson, MS; St.

Paul, MN; Lansing, MI; Augusta, ME; Annapolis, MD; Boston, MA; Baton Rouge, LA; Frankfort, KY; Springfield, IL; Boise, ID; Des Moines, IA; Omaha, NE; Atlanta, GA; Tallahassee, FL; Dover, DE; Hartford, CT; Los Angeles, CA; Phoenix, AZ; Little Rock, AR; Salt Lake City, UT; Remote - Wyoming; Montgomery, AL; Denver, CO; Remote - District of Columbia; Raleigh, NC; Indianapolis, IN; Dallas, TX; St. Louis, MO; Remote - Puerto Rico; Kansas City, KSType: Full time.