The Visiting Nurse Service of New York (VNSNY) is the nation's largest not-for-profit home- and community-based health care organization, serving the five boroughs of New York City, and Nassau, Suffolk, and Westchester Counties. For 125 years, VNSNY has been committed to meeting the health care needs of New Yorkers with compassionate, high-quality home health care. We offer a wide range of services, programs, and health plans to meet the diverse needs of our patients, members, and clients from before birth to the end of life.
Each day, more than 13,000 VNSNY employees- including nurses, rehabilitation therapists, social workers, other allied professionals, and paraprofessionals- deliver compassionate care, unparalleled medical expertise, and 24/7 solutions and resources to more than 48,000 patients and members, helping them to live the best lives possible in their homes and communities.
Oversees the day to day activities of the Information Technology audit functions including risk assessment, audit plan development, planning audits, executing audits and preparing audit reports. Develops and implements IT internal audit programs designed to review operations and safeguard assets of VNSNY, its affiliates and subsidiaries. Develops and oversees IT internal control evaluations and related IT risk assessments across the organization. Provides consultative services to senior leadership and staff to ensure the appropriate internal controls are in place to promote accountability, efficiency, effectiveness and compliance with established policies and procedures, as well as governing rules and regulations. Works under general direction.
Education:Bachelor’s degree in Accounting, Finance or Information Technology from an accredited college or university.A professional security, audit or control related professional certification, such as Certified Information Systems Auditor (CISA) or Certified Internal Auditor (CIA) required.
- Minimum of seven years of experience in Auditing, Accounting, Computer Science or Information Technology, of which a minimum of three years should be in IT Auditing in a corporate environment or with a Big 4 accounting firm required. Knowledge of IT General Control domains (access controls, systems development life cycle methodology, program changes, computer operations, network) required.
- Strong knowledge of the Standards for the professional practice of Internal Auditing and the Code of Ethics developed by the Institute of Internal Auditors required.
- Strong knowledge of generally accepted IT audit standards, statements and practices, and IT security and control practices required.
- Advanced knowledge of IT application controls, IT general controls, Cybersecurity, Cloud Computing as well as IT infrastructure including databases, networks and operating systems required.
- Understanding of advanced audit, accounting, and/or information system principles required.
- Demonstrated ability to effectively utilize automated audit tools (SQL, Access, ACL) required.
- Experience with audit engagement support tools including electronic work papers required.
- Also required are strong interpersonal and leadership skills, and the ability to work cross-functionally, manage multiple projects and deadlines required.
- Ability and willingness to learn quickly, work independently or as a member of a team required.
- Excellent analytical, written and verbal communication skills required in order to effectively communicate observations both informally and formally in audit reports required.
- Exceptional project management skills are also required. Strong computer proficiency including knowledge of Excel, Word, PowerPoint and Visio.
- Knowledge of some of the following required: access control software, security architecture and administration, Internet use/firewalls, network security awareness and enforcement, security policies and procedures, operating systems.
- Experience meeting requirements of HIPAA Security Rule required. Demonstrated knowledge of internal controls, business and information technology risks and audit techniques for healthcare provider and payer organizations required.
- Knowledge of Workday preferred. Working knowledge of Sarbanes-Oxley (COSO and COBIT control frameworks) and Generally Accepted Accounting Principles preferred. Experience with numerous business cycles and multiple accounting applications preferred.