Associate, Tech Governance - New York, United States - Oscar Health

    Description

    Hi, we're Oscar. We're hiring an Associate to join our Tech Governance team.

    Oscar is the first health insurance company built around a full stack technology platform and a focus on serving our members. We started Oscar in 2012 to create the kind of health insurance company we would want for ourselves—one that behaves like a doctor in the family.

    About the role

    The Associate, Tech Governance ensures that business procedures and controls are efficient and effective, and in compliance with applicable regulatory and corporate standards and practices. The Associate works with Control and Process owners, reviews operational practices, creates and enforces policies & procedures, and performs reviews.

    You will report to the Director of Tech and IT Controls.

    Work Location:

    Oscar is a blended work culture where everyone, regardless of work type or location, feels connected to their teammates, our culture and our mission.

    If you live within commutable distance to our New York City office (in Hudson Square), our Tempe office (off the 101 at University Ave), or our Los Angeles office (in Marina Del Rey), you will be expected to come into the office at least two days each week. Otherwise, this is a remote / work-from-home role.

    You must reside in one of the following states: Alabama, Arizona, California, Colorado, Connecticut, Florida, Georgia, Illinois, Iowa, Kentucky, Maryland, Massachusetts, Michigan, Minnesota, New Hampshire, New Jersey, New Mexico, New York, North Carolina, Ohio, Oregon, Pennsylvania, Rhode Island, Tennessee, Texas, Utah, Vermont, Virginia, Washington, or Washington, D.C. Note, this list of states is subject to change. #LI-Remote

    Pay Transparency:

    The base pay for this role in the states of California, Connecticut, New Jersey, New York, and Washington is: $98,400 - $129,150 per year. The base pay for this role in all other locations is: $88,560 - $116,235.00 per year. You are also eligible for employee benefits, participation in Oscar's unlimited vacation program, and annual performance bonuses.

    Responsibilities

  • Assess, evaluate, and make recommendations regarding the risk and effectiveness of tech processes and controls.
  • Design, architect, and engineer effective and efficient controls and processes utilizing tooling/solutions across various technical domains.
  • Help foster a culture where controls are well understood by the impacted departments and other stakeholders.
  • Ensure documentation of internal controls and processes is up to date and accessible.
  • Assist with an annual technology risk assessment and work with risk owners on risk responses.
  • Manage audit projects initiated by Oscar or external stakeholders, including Sarbanes-Oxley and SOC 1.
  • Demonstrate aptitude and ability to translate between technical and non-technical stakeholders.
  • Contribute to the development of tooling, processes, and policies that support governance, risk, and compliance (GRC).
  • Advocate for improvements that increase control efficacy and testing efficiency.
  • Maintain system to capture and track control deficiencies and remediation status (in collaboration with the second line).
  • Collaborate with Control and Process Owners to develop action plans to correct control deficiencies, and to develop reviews with appropriate management on action until satisfactory resolution.
  • Compliance with all applicable laws and regulations.
  • Other duties as assigned.

    Qualifications

  • Bachelor's Degree or 3+ years of relevant work experience in governance, risk, and compliance (GRC) and/or IT audit
  • 3+ years of relevant work experience in governance, risk, and compliance (GRC) and/or IT audit.
  • 2+ years of experience with Cloud-native environments on AWS or GCP using Agile and/or Kanban methodologies.
  • 2+ years of experience with SOX, SOC 1, SOC 2, HITRUST, PCI, and/or HIPAA.
  • 2+ years of experience managing high volume and complicated projects, keeping track of details, and staging work to deliver projects on time.
  • 2+ years of designing and developing queries using SQL and/or other database query languages
  • 2+ years of experience with code repository tools such as BitBucket, GitLab, or GitHub

    Bonus Points

  • Experience configuring and tuning alert policies in PagerDuty or other alerting tools
  • Solid understanding of IAM principles and solutions including zero trust, least privilege, and entitlement reviews
  • Experience working with or at a Big 4 firm
  • CISA, CIA, or similar
  • Experience in a start-up and/or health tech environment

    Travel

  • Up to 5%

    This is an authentic Oscar Health job opportunity. Learn more about how you can safeguard yourself from recruitment fraud.

    At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves and find both belonging and support. We're on a mission to change health care -- an experience made whole by our unique backgrounds and perspectives.

    Pay Transparency:

    Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education, and experience.

    Full-time employees are eligible for benefits including: medical, dental, and vision benefits, 11 paid holidays, paid sick time, paid parental leave, 401(k) plan participation, life and disability insurance, and paid wellness time and reimbursements.