
About This Role
A few things about this role
This isn't a nursing role. The title says Nurse Manager, but the job is about IT Governance, Risk, and Compliance. I know that's confusing. The original posting has the title listed incorrectly. What we're really looking for is an IT GRC Manager who knows SOX compliance cold and can handle the controls work around applications, data transfers, and third party risk. If you have a CPA or a CISA, that's what we need.
You'll be based in Tampa, FL and report into the IT leadership team. The work is hands on and strategic at the same time. You'll own the control environment and make sure we stay audit ready every day, not just when the auditors show up.
What you'll actually do
IT risk assessments. You'll run comprehensive assessments across applications, infrastructure, and data. Identify threats and vulnerabilities, document them in a risk register, and work with IT and business stakeholders to prioritize fixes. You'll also assess how IT changes affect policies, risks, controls, and governance, including disaster recovery and the Risk Control Matrix.
SOX compliance. This is the core of the job. You'll maintain and update the Risk and Control Matrix. Evaluate the design of management's SOX controls and monitor how they're executed. Participate in business process walkthroughs to spot application controls, reports, and ITGC dependencies or risks. Review SOC reports and map any control deficiencies to IT risks. You'll make sure all control evidence stays current and detailed, and you'll own the remediation plans when something needs fixing. You'll also train IT teams and control owners on how to operate controls effectively.
Application controls, data transfer controls, and report validation. You'll figure out which application controls, interfaces, batch jobs, and reports are key to supporting SOX business processes. Then you'll evaluate their design and effectiveness. For data transfers, you'll look at controls that prevent errors or incompleteness. For reports used in key controls, you'll validate their completeness and accuracy.
Third party risk management. You'll build and run a third party risk management program from scratch. Monitor and manage risks tied to every third party relationship.
Disaster recovery. You'll develop, maintain, and test the IT disaster recovery plan. That includes supporting audits and fielding requests for evidence from third parties.
Cyber security. Evaluate the company's cyber security posture. Design strategies to figure out the ICFR impact of cyber incidents. Draft disclosures about cyber posture and incidents as needed.
Ongoing regulatory compliance. Make sure we stay compliant with SOX, NIST, and any other relevant standards. Help with internal and external audits. Develop and deliver GRC training to IT and business stakeholders.
What you need to bring
- Advanced knowledge of SOX controls and compliance; you've implemented or improved SOX before
- Strong drive and organizational skills, including project and program management
- Ability to manage diverse stakeholder groups proactively and productively
- Excellent knowledge of business process risks and controls; manufacturing or consumer sector experience is preferred
- Technical expertise in ERP system design and operation
- In depth knowledge of IT governance frameworks like COBIT and ITIL, plus risk management methodologies
- Strong understanding of SOX requirements and IT general controls (ITGCs)
- Ability to analyze and solve problems; results oriented
- You can prioritize work and know when to switch gears
- Experience evaluating or governing SAP ITGCs
- Experience building and maintaining processes and controls around IAM tools like SailPoint ISC is a plus
Education and certifications
- Undergraduate degree in Accounting, Information Technology, Computer Science, or a related technical field
- CPA, CISA, or CISSP certification is a strong plus
Benefits and compensation
We offer a comprehensive benefits package. It includes medical, dental, and vision insurance. There's a 401(k) plan with company match. You get paid time off, plus holidays. The company also provides life insurance and short term disability coverage. Compensation will be based on your experience and qualifications.
How to apply
Send your resume through the JobXi application system. Make sure your resume shows your relevant SOX and GRC experience clearly. If you have a CPA, CISA, or CISSP, list it. We'll review applications and reach out to qualified candidates.
Job Location
Tampa, FL