Security Audit and Compliance Lead

Datavant is a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. We are a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. Datavant has a network of networks consisting of thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.

By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs.

As a lead within the larger Information Security Governance, Risk, and Compliance (GRC) organization, you have deep expertise in developing and implementing security audit and compliance programs. You will join our team in helping execute external audits and helping customers understand the Datavant control environment to satisfy their audit and compliance requirements. We are looking for experienced industry professionals who have audit experience and understand IT and compliance processes, controls, and evaluates opportunities for improvement.

You will:

• Lead and manage enterprise-level GRC audits and assessments from initiation to completion, ensuring timely delivery and adherence to project objectives, timelines and budgets.
• Facilitate audit procedures and evidence gathering with external auditors and internal partners
• Manage customer assessment and assurance activities
• Communicate effectively and regularly with internal teams, external auditors, and customers
• Perform technical assessments and documentation around key controls and security processes, as well as auditing IT processes, including working knowledge of key controls across a number of industry best practices
• Liaise with customers and auditors, articulating control implementation, and describing considerations for applying security and compliance concepts to a technical environment.
• Field and address requests for team support in collaboration with internal and external stakeholders.
• Simplify security compliance requirements into clear technical control specifications and policies.
• Continuously build and refine Datavant’s internal control framework and related documentation (e.g., policies, procedures, control narratives), and contribute to ongoing controls development and improvement
• Actively identify …