**Purpose:** The Director, IT Internal Audit and Comp's primary responsibility is to oversee and ensure the delivery of high-quality audit results, most of which will focus on information technology, in a timely manner in accordance with professional standards as well as lead compliance program initiatives for assigned areas and facilitate the technology needs over the overall department. Responsible for recruiting, mentoring, and developing auditors and compliance professionals, as well as supporting them in their career objectives. Responsible for delivering assurance and advisory audit reports and compliance work to both Executive and First/Second Line Management that are timely, reflect the current regulatory and industry practices, and drive organizational improvement. Responsible for developing the IT risk assessment and the IT portion of the annual audit plan as well as collaborating on the compliance program efforts. Responsible for quarterly assessing IT risks to the enterprise, categorizing and ranking the IT risks, and working with the IT Leadership on final and proposed regulations affecting the environment. **Responsibilities:** + Technology Skills: Possesses advanced knowledge of technology controls and configurations at a complex technical level for infrastructure, applications, and networking. Able to research and analyze new and complex technologies to identify key controls and risks and explain them to non-technical personnel. Stays current with new and emerging technologies. Able to research and interpret federal and state regulations across the industries where UPMC works. Possesses advanced knowledge of internal and external control expectations, frameworks, and regulations. Possesses advanced auditing and software skills with workpaper, process flowing, and data mining technology. Manages the day-to-day activities of departmental technology use and monitors that appropriate quality and formality in process is established. + Risk & Industry Skills: Leads risk assessment meetings with management and executives. Monitors that proper organizational or process coverage is included. Responsible for ongoing assessment of IT risks to the enterprise, categorizing, and ranking the risks. Possesses advanced understanding of healthcare terminology and industry risks. Can perform but will primarily review the quality and completeness of business processes analyses and / or process flow diagrams. Responsible for quality control of any deliverables. Participates in industry and / or discipline professional organizations. + Department Goals: Successfully manages many competing demands, all delivered on time and within budgeted hours, and completes and monitors the completion of, the IT Audit Plan, Compliance Program and Work Plan. Monitors that auditors are productive and have adequate workload and informs IAD Management of project statuses. + Compliance Activity Develop and manage compliance programs to achieve compliance with regulations, rules and standards or conduct. Establish policies and procedures to support compliance activities. Plan, develop and conduct communications and educational and training sessions related to specific compliance topics. Establish monitoring mechanisms and conduct routine audits compliance programs. Oversee coordination and facilitation of the work of compliance officers across assigned areas as well as individuals and groups throughout these UPMC departments/divisions, across a wide range of compliance topics. + Leadership Skills: Initiates, participates in, and leads departmental and organizational special projects, including the expansion of communication and training efforts of the compliance program through proper use of social media and other technologies to reach the intended audiences. Possesses advanced public speaking / presentation skills and is comfortable leading entrance and closing meetings, including explaining issues to executives and handling constructive disagreements to resolution. Provides constructive feedback to staff auditors' leadership activities as needed. Proactively guides other auditors on their performance, career guidance, and the tools and techniques of auditing. Provides timely completion of performance reviews on IT staff. Responsible for maintaining IT job descriptions, understanding the IT Audit and Compliance industry, and evaluating and selecting applicants for open positions. Identifies and spreads best practices in the audit industry across the department with tools and guidance. Attends and participates in IT leadership meetings and activities, while maintaining the independence of the Audit function. + Workpaper & Reporting Skills: Reviews standard IT templates and processes for performing IT audits, with a focus on maintaining a detailed library of IT resources and toolkits that reflect current industry and enterprise practices. Reviews, provides feedback to staff, and approves work programs for IT Audits and IT relevant work in other departmental projects. Reviews and approves final workpapers. Reviews and approves the closure of all IT follow-up work. Validates and identifies root cause of complex issues and proposes valuable and effective solutions, with knowledge of UPMC organization. Approves the first draft of all IT report drafts for review, as well as IT management responses. Review includes validating performance of all steps, evidence to support any findings, quality control, adherence to departmental standards, and following all established communication and distribution protocols. Monitors and reviews completion of steps and reports required for Audit and Compliance Committee, Including the creation of tracking tools to monitor overall policy use, effectiveness of communications and training programs + Bachelor's degree in finance, accounting or related business field required. + 7 years of related work experience required. + 3 years of audit and/or compliance work experience required. + 2 years managerial or supervisory experience required. **Licensure, Certifications, and Clearances:** Certification or Master's Degree is preferred. + Act 34 **UPMC is an Equal Opportunity Employer/Disability/Veteran**