IS Internal Auditor

Weekly pay, health and dental after your first month, student loan repayment, a competitive 401(k) match, and more! Make a living while you make a difference at Trilogy Health Services - a senior living provider with the continuous goal of being the Best Healthcare Company in The Midwest.

Job Summary
Serves as a key liaison between IT, audit, and business teams to execute SOX 404B testing and operational IT audits. Evaluates IT controls, identifies risks, and supports remediation efforts while ensuring compliance with HIPAA, NIST, and other regulatory standards.

Roles and Responsibilities
* Acts as the primary liaison between IT, IS, external audit, and business/IT application control owners to ensure effective communication and collaboration.
* Executes SOX 404B testing over IT General Controls (ITGC), IT application controls (ITAC), and key cybersecurity controls across financially relevant systems.
* Plans and performs walkthroughs, defines populations, selects samples, evaluates configurations/parameters, reperforms automated control logic, and assesses exceptions to support auditor reliance.
* Leads and executes non-SOX operational IT audits- plan and perform routine monitoring and testing of critical IT systems
* Identifies control deficiencies and risks, recommends mitigation strategies in partnership with control owners, and follows up on remediation.
* Prepares clear, concise audit reports and present findings to management, routinely tracks audit projects, resource hours, and progress against plan; analyzes trends and outcomes; and provide reporting to support forecasting and continuous improvement of the audit plan.
* Supports the design and implementation of automated solutions for recurring audit and monitoring activities.
* Provides advanced data and reporting support to the audit team-assist with extracting system reports, structuring large datasets, and performing complex analyses (e.g., building dynamic pivot tables, reconciling data across sources, and executing comparative reviews) to enable efficient testing and insightful conclusions.
* Participates in annual IT risk assessments and consult with stakeholders in development of the IT audit plan.
* Assesses compliance with internal IT policies, regulatory requirements and industry standards, including HIPAA, NIST, and state-specific guidance.
* Reviews third-party and vendor risk management practices, including evaluating SOC 1 and SOC 2 reports, testing key controls, assessing subservice organizations, and mapping Complementary User Entity Controls (CUECs) to internal processes to ensure comprehensive coverage and compliance.
* Audits data privacy and governance practices, including encryption and data lifecycle management.
* Evaluates and participates in disaster recovery, business continuity, and incident response plans.
* Consults with internal teams on process and control development, quality improvement, and remediation activities.
* Monitors industry trends and emerging technologies to proactively identify risks, recommend improvements, and provide guidance and training to team members and control owners on relevant updates and best practices.
* Other duties as assigned.

Qualifications
Education: Bachelor Degree
Experience: 3-5 years

Licenses and Certifications
Certified Information Systems Auditor (CISA) strongly preferred.

Physical Requirements
Sitting, standing, bending, reaching, stretching, stooping, walking, and moving intermittently during working hours. Must be able to lift at least 50lbs. Must be able to maintain verbal and written communication with co-workers, supervisors, residents, family members, visitors, vendors, and all business associates outside of the health campus.

• Competitive salaries and weekly pay
• 401(k) Company Match
• Mental Health Support Program
• Student Loan Repayment and Tuition Reimbursement
• Health, vision, dental & life insurance kick in on the first of the month after your start date
• First time homebuyers' program
• HSA/FSA
• And so much more!

Whether you're looking for a new chapter, a change of pace, or a helping hand, Trilogy is committed to being the best place that you've ever belonged.

Flexibility is what you want, and flexibility is what you'll get.

Come into the office because you want to - not because you have to. At Trilogy, we're proud to embrace a hybrid work environment that allows you both the convenience of working from home and the flexibility of meeting with your co-workers in person. With collaborative workspaces, rotating cubicles, and meditation areas, our freshly renovated Home Office will accommodate the working style that works best for you.

Six months of training, orientation, and fun!

We believe in setting our employees up for success. That's why your first six months are referred to as your "blue-badge" period - a time where you are encouraged to ask questions, ask for help when needed, and familiarize yourself with the company culture. Even when your blue badge period ends, you can rest assured that the Trilogy team will always have your back.

As one of Fortune's Best Places to Work in Aging Services, a certified Great Place to Work, and one of Glassdoor's Top 100 Best Companies to Work, Trilogy is proud to be an equal opportunity employer committed to helping you reach your full potential and to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy or any other protected characteristic as outlined by federal, state or local laws.

FOR THIS TYPE OF EMPLOYMENT STATE LAW REQUIRES A CRIMINAL RECORD CHECK AS A CONDITION OF EMPLOYMENT.