Senior IT Internal Auditor

About the role

Point32Health is a leading not-for-profit health and well-being organization dedicated to delivering high-quality, affordable healthcare. Serving nearly 2 million members, Point32Health builds on the legacy of Harvard Pilgrim Health Care and Tufts Health Plan to provide access to care and empower healthier lives for everyone. Our culture revolves around being a community of care and having shared values that guide our behaviors and decisions. We've had a long-standing commitment to inclusion and equal healthcare access and outcomes, regardless of background; it's at the core of who we are. We value the rich mix of backgrounds, perspectives, and experiences of all of our colleagues, which helps us to provide service with empathy and better understand and meet the needs of the communities where we serve, live, and work. We enjoy the important work we do every day in service to our members, partners, colleagues and communities. Learn more about who we are at Point32Health . Job Summary The IT Senior Auditor will report to the Internal Audit IT Senior Manager and provide support over our Model Audit Rule (MAR) program, system and organization control (SOC) reporting, and risk-based audits (internal audits). The Senior IT Internal Auditor will be responsible to evaluate the design and effectiveness of internal controls, utilize critical thinking to assess the impact of control deficiencies, perform testing for control operating effectiveness, and follow up on open issues. Job Description Key Responsibilities/Duties - what you will be doing (top five): Support end‑to‑end internal audit engagements, including planning, risk assessment, walkthrough, testing, and reporting. Perform ITGC walkthroughs and testing to support reporting on internal controls over financial reporting (ICFR / Model Audit Rule). Support the management and execution of SOC 1 audits by collaborating with our external service auditors and testing relevant ITGCs. Lead walkthrough meetings and document process flowcharts, narratives, and samples of one in accordance with Point32Health Internal Audit's methodology and standards. Maintain an accurate daily request list and clearly communicate requests and follow‑ups to relevant stakeholders. Collaborate with stakeholders to obtain documentation in a timely manner and within agreed‑upon deadlines. Proactively communicate audit findings and issues to the Internal Audit IT Senior Manager. Partner with stakeholders to identify root causes of control deficiencies and develop appropriate remediation recommendations. Monitor and validate the implementation of corrective action plans and remediation efforts. Build and maintain strong relationships with IT stakeholders to establish a reputation as a trusted advisor and internal controls expert. Provide advisory support on new initiatives, system implementations, and process changes. Qualifications - what you need to perform the job Education, Certification and Licensure Completed bachelor's degree in Accounting, Information Systems Management, Finance, or a related field. A professional certification (e.g. CISA, CIA, CPA, etc.) is preferred but not required. Experience (minimum years required): 2-4 years of internal or external IT audit experience. Strong understanding of Model Audit Rule or Sarbanes-Oxley requirements, SOC reporting, IIA standards, PCAOB standards, AICPA standards, auditing sampling and testing methodologies, ITIL, NIST, ISO 27001, COBIT. Experience evaluating and testing IT general controls and understanding of IT risks and controls. Experience working on multiple engagements simultaneously. Skill Requirements Excellent written and verbal communication skills Strong teamwork skills and the ability to work with a diverse group of people Ability to prioritize work by distinguishing between tasks that are time‑sensitive (urgent) and those that can be scheduled or addressed later without impacting overall deadlines. Ability to work on multiple projects simultaneously and in a timely manner. Self-motivated and ability to work independently with little supervision. Detail oriented with organizational skills. Analytical and critical thinking skills. Technology and computer skills, with the ability to effectively use Microsoft Office (Word, Excel, PowerPoint, Visio). Working Conditions and Additional Requirements (include special requirements, e.g., lifting, travel): The position will include a flexible work arrangement. Must be able to work under normal office conditions and work from home as required. Work may require simultaneous use of a telephone/headset and PC/keyboard and sitting for extended durations. May be required to work additional hours beyond standard work schedule. Disclaimer The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skill