Tenet Healthcare - Dallas, TX
posted 3 days ago
About the position
Tenet Healthcare Corporation is seeking an experienced Quality Controls & Compliance (QCC) Director to lead and manage second line of defense activities within our Cybersecurity organization. This role will focus on ensuring the effectiveness of and compliance with IT and Sarbanes-Oxley (SOX) audits across Tenet, USPI, and Conifer business functions. The director will work closely with IT and application control owners, management action plan owners, and Internal and External Audit teams to monitor and provide guidance on risk management activities. The position is critical in protecting the confidentiality, integrity, and availability of sensitive data while continuously mitigating risks. The director will collaborate with various teams to design, implement, and maintain user access governance, controls, and frameworks.
Responsibilities
- Lead second line of defense for IT and SOX audits across Tenet, USPI, and Conifer business functions.
- Monitor and provide guidance to first line risk management activities.
- Implement second line controls including user access reviews and critical IT audit reviews.
- Evaluate IT general controls including user access, information security, and change management.
- Complete Financial Reporting Control (SOX) test work and documentation.
- Develop plans and roadmaps for future state including process optimization.
- Participate in Annual Budget planning and developing business cases.
- Create automated dashboards to measure program effectiveness.
- Collaborate with Internal Audit team to understand processes and ensure testing results.
- Communicate with External Auditors and serve as a point of leadership.
- Maintain documentation of deliverables and develop KPIs and metrics.
- Guide, coach, and motivate team members and manage performance.
Requirements
- 12+ years of work experience.
- Bachelor's/Master's Degree or related technology degree.
- Certifications preferred: PMP, ITIL, Identity Certifications.
- CISSP, CISA, CISM, and/or International Information System Security Certification Consortium certification is a plus.
- Ability to identify/assess business process and IT risks.
- Good working knowledge of SOX, HIPAA principles, concepts, and practices.
- Strong interpersonal and organizational skills.
- Detail-oriented, able to multitask and meet deadlines.
- Advanced knowledge of PowerPoint, Excel, and Visio.
Nice-to-haves
- Familiarity with audit tools.
- Experience working in cross-departmental teams.
Benefits
- Competitive salary and performance bonuses.
- Health, dental, and vision insurance.
- 401k with company matching.
- Paid time off and holidays.
- Opportunities for professional development.
