The Health Plan BIO Compliance Manager is responsible for developing and maintaining a comprehensive and integrated program that ensures that HP applications have internal controls that are adequately designed, implemented or remediated to meet 1) SOX requirements, 2) operating efficiency goals, and 3) other business objectives. The Manager negotiates with the SOX PMO and external auditors regarding audit findings and challenges compliance expectations and interpretations when appropriate.
The Manager provides information that allows the Business Operations Executive Director to hold HP Vice Presidents, Executive Directors, and SOX Control Owners and their staffs accountable for: 1) complying with defined Controls, Process Narratives and Desk Level Procedures, and 2) remediating exceptions and CAPS on time. The Manager ensures adequate training and development opportunities are available for HP staff members.
This position reports to the Executive Director, Health Plan Business Operations.
Essential Functions:
Process Design
- Develop remediation strategy, new methodologies and standards for supporting enterprise compliance initiatives
- Develop, document, and maintain SOX IT General Controls, consisting of Change Management, Security, Operations processes/narratives; and the SOX Process Map. These controls exist at the Application, Database, and Host layers.
- Develop and document HP BIO SOX database and HOST processes for four Business supported applications.
- Develop and document new application on-boarding process for Policy 6G, Controls Integration model for Business Systems Application development.
- Develop and enhance sustaining Self Assessment process and implement a Monitoring Control to enable the SOX PMO to rely on our Self Assessments and Monitoring to reduce audit time.
- Develop and document Remedy approval processes for the Business Application Owners and delegates (approximately 60-80 individuals)
Compliance / Verification
- Remain current with emerging regulatory sentiments as well as solution trends in the marketplace.
- Ensure compliance under SOX IT general Controls (ITGCs)
Training
- Assess, recommend and provide SOX training to the SOX Control Owners, Business Partners and management team on all current applications, new in-scope applications and projects. Develop KP Learn SOX training courses, such as Change Management (1-3 courses/year).
- Conduct Business Supported Application (BSA) SOX training for application, Host and Database layers
Managerial
- The Manager provides leadership to approximately 24 IT and 4 Business Control Owners across the BIO, partners closely with the Manager of SOX Operations, SOX PMO, IT Compliance, and IT Security, Business and IT Mega Process Lead Designees; and manages a staff consisting of a SOX Analyst, Database Services Analyst (Business Consultant Specialist) and three Control Evidence Verifiers.
- Responsible for Total Performance for all staff members, including recognizing and developing high potential performers, mentoring and developing staff. Develop performance improvement action plans when needed and manage expenses within budget.
Collaboration - Maintain excellent relationships with:
- SOX Control Owners, Process Owners, Business Application Owners/Delegate, Vendor for Business Supported Application (BSAs), SOX Operations group, SOX PMO, Business and IT SOX Mega Process Lead Delegates, other SOX Program Managers; HIPAA and PCI Remediation Leaders and Managers
- HP BIO Management, Executive Directors, Vice Presidents and Sr. Vice President, and Investment Project and Program Managers
- IT Compliance (ITC), Application Access Lifecycle Management (AALM), IT Security, Identity Access Management (IAM)
- Internal Audit Services (IAS), KPMG auditors
- Remedy design, reporting and support teams
Planning and Reporting
- Evaluate, recommend and support Kaiser compliance tools to monitor, track, and measure compliance and remediate any issues. This includes providing SOX workflow requirements for the new Remedy tool.
- Create monthly compliance deck for HP Senior Leadership Compliance meeting (attended by BIO Leadership Team, SOX PMO, IT Security, IT Compliance, etc.). This is a high-profile meeting covering SOX, Corrective Action Plans, Policy 6G (new applications and implementations), and Policy 6H (4th Releases).
- Create monthly Control Evidence Verifier metric and detailed exception report
Qualifications:
Basic Qualifications:
- BA degree in related field and/or 6 years of equivalent work experience.
- A minimum of 5-8 years of progressively responsible management experience in planning, budget/financial management, and staffing.
- A minimum of 5-8 years of related IT experience including IT Project Management.
- 3 years experience in implementing enterprise SOX processes
- 3 years experience in ITIL and CobiT framework/processes
- 5-8 years experience with HOST, Application & DB Technologies
- Excellent change leadership skills, as required when changes in controls, procedures or tools are implemented across the HP BIO, working closely with SOX Operations Manager
- 5 years experience in process development, documenting and training.
- 5 years experience in formal project management
- Proficiency with Microsoft Office Suite (Word, Excel, Access, PowerPoint)
- Excellent oral and written communication skills and proficient in adjusting approach, depending upon audience
- Must be able to utilize and effectively communicate technical components of an initiative to applicable parties
- Excellent analytical skills
- Ability to work effectively with all levels of staff, management, external auditors, vendors, and business units
- Team-oriented and strong interpersonal skills
Preferred Qualifications:
- Experience in internal consulting and customer account management; defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus
- Proficiency with SharePoint, Remedy, and GRC
- Excellent verbal, written and communication skills
- Well organized and detail oriented
- Excellent responsiveness and reliability
- Ability to work under pressure in a fast paced environment and meet tight deadlines
External hires must pass a background check/drug screen.
We are proud to be an equal opportunity/affirmative action employer.