Associate, Tech Governance
Hi, we're Oscar. We're hiring an Associate to join our Tech Governance team.
Oscar is the first health insurance company built around a full stack technology platform and a focus on serving our members. We started Oscar in 2012 to create the kind of health insurance company we would want for ourselves—one that behaves like a doctor in the family.
About the role
The Associate, Tech Governance ensures that business procedures and controls are efficient and effective, and in compliance with applicable regulatory and corporate standards and practices. The Associate works with Control and Process owners, reviews operational practices, creates and enforces policies & procedures, and performs reviews.
You will report to the Director of Tech/IT Controls.
Oscar is a blended work culture where everyone, regardless of work type or location, feels connected to their teammates, our culture and our mission.
This is a hybrid role in our New York office. You will work part of the time in the office and part of the time remote / work-from-home. #LI-Hybrid
The base pay for this role is: $98,400 - $129,150 per year. You are also eligible for employee benefits, participation in Oscar's unlimited vacation program, and annual performance bonuses.
- Assess, evaluate, and make recommendations regarding the risk and effectiveness of tech processes, and controls.
- Design, architect, and engineer effective and efficient controls and processes utilizing tooling/solutions across various technical domains.
- Help foster a culture where controls are well understood by the impacted departments and other stakeholders.
- Ensure documentation of internal controls and processes are up to date and accessible.
- Assist with an annual technology risk assessment and work with risk owners on risk responses.
- Manage audit projects initiated by Oscar or external stakeholders, including Sarbanes-Oxley and SOC 1.
- Demonstrate aptitude and ability to translate between technical and non-technical stakeholders.
- Contribute to the development of tooling, processes, and policies that support governance, risk, and compliance (GRC).
- Advocate for improvements that increase control efficacy and testing efficiency.
- Maintain system to capture and track control deficiencies and remediation status (in collaboration with the second line).
- Collaborate with Control and Process Owners to develop action plans to correct control deficiencies, and to develop reviews with appropriate management on action until satisfactory resolution.
- Compliance with all applicable laws and regulations.
- Other duties as assigned.
- Bachelor's Degree or 3+ years of relevant work experience in governance, risk, and compliance (GRC) and/or IT audit
- 3+ years of relevant work experience in governance, risk, and compliance (GRC) and/or IT audit.
- 2+ years of experience with Cloud-native environments on AWS or GCP using Agile and/or Kanban methodologies.
- 2+ years of experience with SOX, SOC 1, SOC 2, HITRUST, PCI, and/or HIPAA.
- 2+ years of experience managing high volume and complicated projects, keeping track of details, and staging work to deliver projects on time.
- 2+ years of designing and developing queries using SQL and/or other database query languages
- 2+ years of experience with code repository tools such as BitBucket, GitLab, or GitHub
- Experience configuring and tuning alert policies in PagerDuty or other alerting tools
- Solid understanding of IAM principles and solutions including zero trust, least privilege, and entitlement reviews
- Experience working with or at a Big 4 firm
- CISA, CIA, or similar
- Experience in a start-up and/or health tech environment
This is an authentic Oscar Health job opportunity. Learn more about how you can safeguard yourself from recruitment fraud here.
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves and find both belonging and support. We're on a mission to change health care -- an experience made whole by our unique backgrounds and perspectives..
Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education, and experience.
Full-time employees are eligible for benefits including: medical, dental, and vision benefits, 11 paid holidays, paid sick time, paid parental leave, 401(k) plan participation, life and disability insurance, and paid wellness time and reimbursements.
Oscar applicants are considered solely based on their qualifications, without regard to applicant’s disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (email@example.com) to make the need for an accommodation known.