• Job Description

  Req#: 18209

  Overview

  The Manager Security Audit will help in leading a dynamic team responsible for developing, implementing, and monitoring a comprehensive security audit program primarily focused on SOC 2 assessments, with active involvement in HITRUST and other relevant audits. This individual will provide vision and leadership for scaling audit capabilities, ensuring business alignment, effective program governance, and assisting in developing the roadmap to achieve security audit objectives. The role will be instrumental in building and managing an innovative enterprise continuous audit strategy, meeting SOC 2 and HITRUST requirements while advancing the company’s overall security posture.

  Responsibilities

  • Lead SOC 2 audit activities across the enterprise, ensuring successful engagement and implementation of SOC 2 requirements.
  • Collaborate in ongoing HITRUST audit initiatives, working to ensure certification and compliance across various lines of business.
  • Set tactical and strategic direction for the security audit program in alignment with business and regulatory needs, emphasizing automation, emerging compliance requirements, gap remediation, and continuous control monitoring.
  • Assist in the design and improvement of the continuous monitoring program to inform future audit success, proactively identifying control gaps and remediation opportunities.
  • Mentor, develop, and guide information security personnel, fostering individual growth and program maturity.
  • Ensure proactive compliance across all business units, helping prevent out-of-compliance issues.
  • Produce clear and impactful audit reporting and deliverables for the Senior Leadership Team; effectively communicate findings, vulnerabilities, and recommendations throughout the organization.
  • Promote and evangelize Security’s role in enabling core business processes; educate teams on audit findings, vulnerabilities, security systems, and remediation efforts.
  • Prescribe and implement security improvements to resolve audit findings and strengthen the company’s security posture.
  • Lead innovation efforts to automate and streamline manual audit processes.
  • Cultivate strong cross-functional relationships throughout Cotiviti and its technology organizations to support broad audit needs.
  • Provide control advisory services for company projects, offering expertise in control design and audit readiness.
  • Apply knowledge of industry and IT best practices to deliver strategic audit guidance and ensure proper alignment with business objectives.
  • Complete all responsibilities as outlined in the annual performance review and/or goal setting.
  • Complete all special projects and other duties as assigned.
  • Must be able to perform duties with or without reasonable accommodation.

  This job description is intended to describe the general nature and level of work being performed and is not to be construed as an exhaustive list of responsibilities, duties and skills required. This job description does not constitute an employment agreement and is subject to change as the needs of Cotiviti and requirements of the job change.

  Qualifications

  • Bachelor’s degree in Business, Computer Science, Information Technology, or a related field required.
  • CISA, CISM, CISSP or similar preferred but not required.
  • 5+ years of experience in Information Security, including direct involvement with SOC 2 and HITRUST audit programs.
  • Demonstrated experience with security audits, assessments, and continuous monitoring of technical controls in a corporate or enterprise environment.
  • Strong understanding of SOC 2 requirements and familiarity with HITRUST standards.
  • Proven ability to mentor, lead, and develop junior staff while building team competency and motivation.
  • Effective communicator able to gather complex technical findings for both technical and non-technical stakeholders, including senior leadership.
  • Ability to work autonomously, manage multiple priorities, and adapt to evolving compliance needs and technologies.
  • Capable of building strong relationships across technical and business units to enable successful audit outcomes.
  • Strong organizational skills, attention to detail, and commitment to continuous process improvement and automation.
  • Travel up to 10% may be required.

  Cognitive/Mental Requirements:

  • Communicating with others to exchange information.
  • Problem-solving and thinking critically.
  • Completing tasks independently.
  • Interpreting data

  Working Conditions and Physical Requirements:

  • Remaining in a stationary position, often standing or sitting for prolonged periods.
  • Repeating motions that may include the wrists, hands, and/or fingers.
  • Must be able to provide a dedicated, secure work area.
  • Must be able to provide high-speed internet access/connectivity and office setup and maintenance.
  • No adverse environmental conditions are expected.

  Base compensation ranges from $110,000 to $140,000 per year. Specific offers are determined by various factors, such as experience, education, skills, certifications, and other business needs.

  Cotiviti offers team members a competitive benefits package to address a wide range of personal and family needs, including medical, dental, vision, disability, and life insurance coverage, 401(k) savings plans, paid family leave, 9 paid holidays per year, and 17-27 days of Paid Time Off (PTO) per year, depending on specific level and length of service with Cotiviti. For information about our benefits package, please refer to our Careers page.

  Date of Posting: 2/3/2026

  We anticipate that the application window will close on 4/3/2026, but the application window may change depending on the volume of applications received or close immediately if a qualified candidate is selected.

  #LI-REMOTE

  #LI-AK1

  #senior

• About the company

  Cotiviti is a solutions and analytics company leveraging unparalleled clinical and financial datasets to deliver insight into the healthcare system’s performance.

Notice