HealthPartners Logo

HealthPartners

Senior IT Risk and Compliance Analyst

Reposted 5 Days Ago
In-Office or Remote
Hiring Remotely in United States
Senior level
In-Office or Remote
Hiring Remotely in United States
Senior level
The Senior IT Risk and Compliance Analyst manages vendor risk, ensures compliance with regulations, documents controls, and supports risk mitigation efforts across IT teams.
The summary above was generated by AI

HealthPartners is currently hiring a Senior IT Risk and Compliance Analyst. The Senior Analyst plays a key role in coordinating vendor risk and compliance activities, including interpreting and responding to compliance, third‑party, and audit evidence requests. While this position will have a primary focus on either Compliance or Risk Management as part of daily responsibilities, the individual is expected to support work across the full spectrum of Risk and Compliance Management.

In partnership with IT. teams across HealthPartners, the Senior Analyst ensures that appropriate evidence is available for control validation, controls are accurately documented, risk mitigation plans are actively managed, and IT risks are effectively identified and assessed. This role is critical to maintaining HealthPartners’ high standards for IT risk management and regulatory compliance and requires the ability to navigate complex regulatory frameworks while delivering thoughtful, strategic insights.

The ideal candidate brings a strong technical foundation in IT risk assessment, hands-on experience with ServiceNow IRM, and the ability to collaborate across teams to support enterprise-wide risk and compliance objectives.

Required Qualifications:

  • Bachelor’s degree or equivalent experience and knowledge
  • Five (5) years of work experience in information systems including a high degree of knowledge regarding technical infrastructure, systems, applications, and development and project methodologies.
  • One (1) year of system auditing experience
  • Certification in at least one related area of audit, governance, security, or service management by an accredited organization within six months of hire.
  • Understanding basic audits and the controls necessary for those audits (e.g., SSAE16, AT101, Enterprise Risk Assessments, Sarbanes Oxley, etc.)
  • Understanding of audit and security standards, e.g., CoBit, NIST, ISO27001, ISO27002, etc.
  • Strong understanding of Risk Management Practices, industry standards, and utilization
  • Strong understanding of controls and adequate evidence capture for controls.
  • Understanding of federal and state security related legislation including HIPAA, Joint Commission, and Sarbanes‑Oxley.
  • Proven experience coordinating and disseminating activities, responses, documentation, and meetings.
  • Effective communication skills; verbal and written on technical and non-technical topics.
  • Experience presenting concepts and training.
  • Strong people skills; consistent service orientation and delivery for internal and external customers
  • Analysis and problem-solving experience.
  • Understanding of Project Management, Software Development Lifecycles, Capacity, Availability, and Service Management
  • Understanding of Information Technology architectures, infrastructure components, and networks

Preferred Qualifications:

  • ITIL Foundations Certification
  • CISA Certification

Hours/Location:

  • M-F; core business hours
  • This is a hybrid position that is primarily remote, with occasional on‑site requirements for team meetings and collaborative work.

Responsibilities:

  • Addresses questions about evidence, interprets audit and third-party requests, and ensures the appropriate submission of evidence.
  • Documents, updates, and maintains the IT Control database.
  • Assists in the development of IT Controls.
  • Communications compliance and risk status ensuring timely delivery of compliance and risk deliverables.
  • Recommends remediation methods for audit deficiencies, tracking observation remediation through completion.
  • Partners within IT for the coordination and management of risk mitigation plans.
  • Documents and manages the risk repository and library; ensuring risk assessments meet IT defined standards and requirements.
  • Ensures risk policy, procedures and assessments are reviewed and updated timely.
  • Partners within IT Risk and Compliance to assess and document risks; assists business and/or IT owners with risk decisions and selecting mitigating activities.
  • Assists with IT Compliance Strategy development with an integrated approach to audit, risk, and security.
  • Maintains spot audit program, managing mitigations and control deficiencies.
  • Gathers, documents, and published security, risk, and compliance metrics.
  • Drafts policies, procedures, and standards in partnership with IT Management and leaders; ensuring policies are reviewed timely and up to date.
  • Facilitates business and IT risk mitigation and audit remediation decisions, providing options, cost/benefit analysis, and impact analysis for recommended solutions.
  • Proposes audit observation and remediation activities.
  • Maintains the Governance, Risk, and Compliance tools to support IT Risk and Compliance Service Delivery.
  • Provides compliance and risk management awareness, integrating compliance and risk into HealthPartners workforce daily activities.
  • Maintains awareness of the latest developments in the areas of system audits, industry standards (e.g., CoBit, ISACA Standards, ITIL, etc.), and regulatory and standard changes (e.g., HIPAA, PCI Standards, etc.).

Similar Jobs

26 Minutes Ago
Remote or Hybrid
Chicago, IL, USA
60K-125K Annually
Entry level
60K-125K Annually
Entry level
Cloud • Insurance • Payments • Software • Business Intelligence • App development • Big Data Analytics
Contribute to modernization and technical-debt reduction efforts, implement and test features, participate in code reviews, follow CI/CD and Agile practices, and collaborate with senior engineers while learning cloud and security practices.
Top Skills: Automated TestingC#Ci/CdConfluenceGoGoogle Cloud PlatformGrpcJIRAKubernetesPythonReactRest ApisSQLTerraform
30 Minutes Ago
Remote or Hybrid
Chicago, IL, USA
160K-200K Annually
Senior level
160K-200K Annually
Senior level
Fintech • Payments • Software
Lead and manage an SRE team to drive reliability, automation and performance of cloud-based production systems. Embed with engineering teams, mentor engineers, participate in on-call incident response, debug production issues, improve processes/tools, and support design and deployment of scalable services.
Top Skills: Aws CloudwatchAws Ec2Aws EcsAws KinesisAws LambdaAws RdsAws S3Aws SqsChefDockerDocumentdbElasticsearchGitlabGoHoneycombJavaJenkinsKotlinLinuxMakeNode.jsPythonRubySentrySumologicTerraform
An Hour Ago
Easy Apply
Remote or Hybrid
Chicago, IL, USA
Easy Apply
130K-154K Annually
Senior level
130K-154K Annually
Senior level
Artificial Intelligence • Cloud • Information Technology • Machine Learning • Software • Big Data Analytics • Automation
Drive upsell, cross-sell, and expansion within enterprise accounts by building executive relationships, executing strategic account plans, and closing complex multi-product SaaS deals. Partner with Solution Consultants and Customer Success to drive Operations Cloud adoption, maintain Salesforce forecasts using MEDDICC, and ensure long-term retention and customer ROI.
Top Skills: Ai/MlDevOpsPagerduty Operations CloudSalesforce

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account