IT Governance and Compliance Manager
Company: ISACA
Location: Phoenix
Posted on: March 29, 2025
Job Description:
At AHCCCS, we are committed to ensuring quality health care
services for the community. We believe in the power of governance
and compliance to enhance the integrity and efficiency of our IT
operations. This position is eligible for full-time remote work
(including virtual office arrangement in Arizona).
What You'll Do to Contribute to Agency Success:
The IT Governance and Compliance
Manager is responsible for leading the IT governance, compliance,
and risk management programs for the agency. This position oversees
the development and implementation of the IT governance framework,
ensures regulatory compliance, and coordinates with IT leadership
on IT risk management processes. The IT Governance and Compliance
Manager reports to the IT Operations Officer and plays a critical
role in aligning IT practices with agency goals and regulatory
requirements.
Major Duties and Responsibilities:
- Leadership and Program Oversight: Provide strategic oversight
and leadership for IT governance, compliance, and risk management
programs. Foster a collaborative and accountable culture, ensuring
that governance and compliance initiatives are implemented and
continuously improved.
- IT Governance and Policy Management: Maintain IT governance
frameworks, policies, procedures, and processes to ensure alignment
with agency goals and regulatory requirements. Regularly review and
update policies to reflect evolving compliance requirements, risks,
and industry standards. Ensure that governance processes are
documented and communicated appropriately.
- IT Compliance Oversight: Oversee the IT compliance team to
ensure adherence to applicable laws and regulations. Monitor
compliance with both internal and external requirements. Coordinate
and manage external IT audits conducted by regulators, ensuring
timely responses to requests and accurate documentation of
findings. Work with agency teams to address audit recommendations
and enhance compliance processes.
- IT Risk Management Coordination: Collaborate with IT leadership
to ensure risks are identified, assessed, documented and mitigated
following IT risk management policies. Support efforts to automate
risk management practices. Provide regular reporting on IT risks
and mitigation efforts. Ensure third-party partners remain
compliant with privacy and security requirements.
- Stakeholder Collaboration and Communication: Act as the primary
point of contact for IT governance, risk and compliance matters,
building strong relationships with internal and external
stakeholders, including Federal and State regulators. Communicate
effectively to technical and non-technical audiences. Provide
training and education to ensure understanding of compliance
requirements.
- Continuous Improvement: Develop and monitor key metrics to
assess the effectiveness of IT governance, risk and compliance
efforts. Identify opportunities for improvement and implement
strategies to address gaps. Stay current on industry trends and
regulatory changes to ensure efforts remain effective and aligned
with agency goals.
Knowledge, Skills & Abilities (KSAs):
Knowledge:
- IT governance frameworks and risk management methodologies,
including COBIT, ITIL, and NIST.
- Common security and privacy regulatory requirements and
standards (e.g., PCI DSS, NIST 800-53, ISO 2700x, etc.)
- Information security risk management frameworks and compliance
practices
- Third-party risk management practices
- Laws and regulations affecting health care entities in the
following areas:
  - Protected Health Information (PHI)
  - Health Insurance Portability and Accountability Act (HIPAA)
  - CMS
  - Research Compliance
  - State Regulations
Skills:
- Strong leadership and program management skills, including
leading cross-functional initiatives
- Strong customer service skills
- Excellent interpersonal, written and verbal communication
skills, including the ability to explain technical concepts to
non-technical stakeholders
- Excellent presentation skills, including formal report
writing
- Advanced problem-solving and analytical skills
Abilities:
- Work effectively with diverse teams and stakeholders across the
agency
- Interpret complex regulatory requirements and translate them
into actionable policies and procedures
- Develop policies and processes based on regulatory requirements
and industry standards
- Balance, prioritize and organize multiple tasks
- Synthesize feedback and adjust plans accordingly
- Operate with no supervision in a complex environment
- Apply creative solutions to business problems to ensure
business needs are most effectively met
- Effectively articulate the relationship of the department to
other business units in the organization
- Effectively manage teams in a remote environment
- Integrate new concepts, practices, and emerging technologies
into the strategic planning process
Minimum Requirements:
- Must reside in the state of Arizona.
- Bachelor's degree plus 5 or more years of related experience in
a related discipline (or equivalent experience).
Pre-Employment Requirements:
- Successfully pass fingerprint background check, prior
employment verifications and reference checks; employment is
contingent upon completion of the above-mentioned process and the
agency's ability to reasonably accommodate any restrictions.
- Travel may be required for State business. Employees who drive
on state business must complete any required driver training (see
Arizona Administrative Code R2-10-207.12.) If this position
requires driving or the use of a vehicle as an essential function
of the job to conduct State business, then the following
requirements apply:
- All newly hired State employees are subject to and must
successfully complete the Electronic Employment Eligibility
Verification Program (E-Verify).