Associate Director, IT Audit and Data Analytics

Reporting to and under the general direction of the Chief Audit Officer, the Associate Director IT and Analytics is responsible for leading a designated portion of the Audit & Advisory Services portfolio of audits, advisory services, consultations, and investigations as assigned. The position assists the Chief Audit Officer in overseeing the ongoing progress of audit and strategic planning to ensure risk based audit coverage across UCSF organizational units and topics. Develops in conjunction with the Chief Audit Officer department goals and strategic initiatives.

The Associate Director oversees the Audit & Advisory Services IT and IT Security audits , data analytics and continuous analytics/ monitoring program, including identifying appropriate data analytics tools to deploy for Audit & Advisory Services. Supervises audits, assessments, advisory projects primarily focusing on IT and data analytics areas and secondarily encompassing operational, financial and compliance areas or other special projects as needed. Manages a highly specialized technical audit function/ team.

The Associate Director, in collaboration with IT senior leadership, also identifies IT risks and help design policies that will strengthen internal controls to properly protect and secure UCSF enterprise information.

The Associate Director interacts effectively with senior management or executive levels and works collaboratively with all levels within Audit & Advisory Services to carry out Audit & Advisory Services initiatives and projects. Leads in the establishment of operational objectives and work plans for single or multiple programs, delegates assignments to subordinate managers or professional staff. Participates in the development of a risk-based audit plan and assists in day-to-day duties to succesfully manage and maintain operations.

To see the salary range for this position (we recommend that you make a note of the job code and use that to look up): TCS Non-Academic Titles Search (ucop.edu)

Please note: The compensation ranges listed online for roles not covered by a bargaining unit agreement are very wide, however a job offer will typically fall in the range of 80% – 120% of the established mid-point. An offer will take into consideration the experience of the final candidate AND the current salary level of individuals working at UCSF in a similar role.

For roles covered by a bargaining unit agreement, there will be specific rules about where a new hire would be placed on the range.

To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html

UCSF Audit & Advisory Services (A&AS) provides independent, objective assurance and advice that provides value added services toward reducing risk and improving operations. Services provided include assurance/compliance audits, advisory/consulting projects, and investigative reviews. The scope of A&AS encompasses activities within the UCSF Healthcare Enterprise; Professional Schools, Institutes and Centers, and related academic units of the UCSF Campus; and Finance and Administrative Services. Required Qualifications

Bachelor’s degree in related area and / or equivalent experience / training

At least 8 years of Internal Audit experience, with a minimum of 4 years of supervisory/ management experience

Demonstrated experience managing technical staff

Demonstrated technical expertise and experience to plan, execute, and manage effective IT audits

Demonstrated understanding of privacy and security regulations and best practices, including federal and state laws, policies and standards, as well as extensive knowledge about a wide range of privacy/ security regulations relevant to higher education and medical center and patient information

Familiarity and experience in data analytics and use of data mining software

Has advanced knowledge of the internal audit profession, theories and systems of internal control, and professional auditing standards

Knowledge of industry regulations and best practice frameworks including NIST, ISO, COBIT, HIPAA and other guidance

Knowledge and experience performing assessments and audits in large diverse IT organizations with multiple software and hardware environments with distributed oversight

Broad knowledge of information technology security functional areas and as it relates to health information, research, finance, management of IT resources and applications, and general computer use practices

Broad knowledge of technical concepts and basic operating principles of data communications, computer hardware, vendor IT products, and software

Strong management skills including developing procedures, budgeting, organizational management, information systems, personnel management, project management, and policy implementation

Strong analytic and IT technical skills to evaluate highly complex and diverse IT systems while maintaining the ability to understand and relate the risks to the organization’s overall security posture

Ability to provide effective management of audit, advisory service, and investigation projects

Ability to demonstrate professional judgment in a broad variety of responsibilities to fulfill Audit & Advisory Services management responsibilities and obtain agreement from university management. Topics may include sensitive and / or confidential matters

Excellent communication and presentation skills, both verbally and in writing, to convey complex and technical audit information in a clear and concise manner to all levels of management, including senior leadership

Excellent interpersonal skills to work independently with all levels of University personnel, including management and faculty, and to facilitate agreement on issues and corrective actions

Preferred Qualifications

Familiarity and experience working in healthcare

Familiarity and experience working in higher education

Professional certification preferred. Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA ), CISSP, Certified Public Accountant (CPA)

License/Certification

Professional certification preferred. Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA ), CISSP, Certified Public Accountant (CPA) About UCSF

The University of California, San Francisco (UCSF) is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care. It is the only campus in the 10-campus UC system dedicated exclusively to the health sciences. We bring together the world’s leading experts in nearly every area of health. We are home to five Nobel laureates who have advanced the understanding of cancer, neurodegenerative diseases, aging and stem cells. Pride Values

UCSF is a diverse community made of people with many skills and talents. We seek candidates whose work experience or community service has prepared them to contribute to our commitment to professionalism, respect, integrity, diversity and excellence – also known as our PRIDE values.

In addition to our PRIDE values, UCSF is committed to equity – both in how we deliver care as well as our workforce. We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care. Additional information about UCSF is available at diversity.ucsf.edu

Join us to find a rewarding career contributing to improving healthcare worldwide.

#J-18808-Ljbffr