Compliance Program Manager / Remote (Denver , CO), 2 Months Contract
Audit And Compliance Review Coordinator This position is responsible for audits and compliance review in the development, enhancement, and maintenance of the Program Eligibility Application Kit (PEAK) and the Colorado Benefits Management System (CBMS), and any additional CBMS subsystems. This includes the following:
- Oversees the coordination of annual audits and serves as primary liaison to the audit teams during their review of PEAK, CBMS and its subsystems compliance with documented processes. Coordinates the collection of audit items/documents. Coordinates meetings and provides information as needed for audit requests.
- Performs Quality Assurance monitoring on documentation and other assigned items.
Specific examples of regular, ongoing decisions made by this position related to this duty.
- MARSe 2 audit - coordinate resolution of controls with HCPF. This would include determining who on the CBMS team would be assigned the Control. This position would also manage updates and statuses of work being done on each control.
- MEET (CMS) - coordinate resolution of controls with HCPF. This would include reviewing controls and determining who on the CBMS team would be assigned the Control. This position would also manage updates and statuses of work being done on each control.
- Annual SOC 2 Type 2 audit - work with SOC auditors when to initiate audit and then coordinate resolution of controls with Client and vendor.
- ADA compliance within CBMS, PEAK, mobile apps and subsystems (Atlassian Suite, Google, etc).
In performing this duty, provide examples of typical problems or challenges encountered by this position, and the guidance used to resolve the problem.
- In the course of coordinating an audit, challenges with collection of support may be encountered. Following the processes established and escalating to management would be the steps to resolve the problem.
Other Duties as Assigned:
- Identity & access management - identify user roles, security groups that should exist, active directory cleanup assistance/coordination with appropriate teams
- Understanding of PEAK/CBMS security architecture - network, cloud, data, etc.
- Risk assessments
- Vulnerability management
- PEAK/CBMS specific compliance/security policies
- Understanding of security configs.
- Validation of security testing in CI/CD pipelines for deployments
- Coordination with incident management and DR
Apply tot his job Apply To this Job