Nordic Global

Audit Program Director

Nordic Global  •  United States (Remote)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Make a difference. Be happy. Grow your career.

The Role

Nordic’s Audit Program Director will lead and actively execute the organization’s internal and external audit program across Information Technology and related business functions. This is a hands-on role responsible for managing the full audit lifecycle while directly performing key audit activities, including planning, evidence collection and review, coordination with auditors and internal stakeholders, tracking remediation efforts, and supporting control improvement initiatives. Working alongside other team members and business partners, the Audit Program Director will ensure audit readiness, timely and effective audit execution, and strong accountability for addressing identified findings and strengthening the organization’s control environment.

Key responsibilities

Performs duties and responsibilities corresponding with assigned functions within department which may include, but are not limited to, any combination of the following tasks:

  • Leading and actively executing Nordic’s internal and external audit program across Information Technology and related business functions
  • Managing the full audit lifecycle, including audit planning, readiness activities, evidence collection, evidence review, auditor coordination, issue tracking, and remediation follow-up
  • Directly participating in the execution of audits alongside internal team members and cross-functional stakeholders, ensuring timely and accurate completion of audit activities
  • Serving as the primary owner for internal, external, and certification audits and assessments related to Cyber Essentials, ISO/IEC 27001, HITRUST CSF, NIST-based control assessments, and SOC 2 examinations
  • Coordinating with internal and external auditors, assessors, certifying bodies, and business stakeholders to support successful audit execution and timely responses to requests
  • Developing, maintaining, and improving audit procedures, standards, documentation, and evidence repositories to support repeatable and efficient audit performance
  • Assessing the design and operating effectiveness of controls and identifying opportunities to strengthen Nordic’s control environment, compliance posture, and operational maturity
  • Tracking audit findings, observations, and remediation activities through closure, while driving accountability across technical and business teams
  • Partnering closely with Information Security, Infrastructure, Compliance, Privacy, Legal, and operational teams to ensure alignment of audit activity with organizational priorities and obligations
  • Supporting ongoing control maturity and audit readiness efforts through gap assessments, internal reviews, process improvement initiatives, and policy or control enhancement recommendations
  • Preparing clear and concise audit status updates, findings summaries, risk insights, and remediation progress reports for leadership and key stakeholders
  • Monitoring changes in relevant regulatory, certification, and assurance requirements and helping translate those changes into audit and control program updates
  • Promoting a culture of accountability, transparency, and continuous improvement in support of Nordic’s risk management and assurance objectives

Skills and experience

  • Bachelor’s degree in information technology, cybersecurity, risk management, business, or related field, or equivalent work experience required
  • 15+ years of progressive experience in audit, cybersecurity, compliance, risk management, or information security roles, with experience leading and directly executing audit activities
  • Demonstrated experience managing and performing internal and external audits across cybersecurity, compliance, and control frameworks
  • Strong working knowledge of Cyber Essentials, ISO/IEC 27001, HITRUST CSF, NIST Cybersecurity Framework (CSF) 2.0, and SOC 2 / Trust Services Criteria audits and assessments required
  • Experience coordinating with external auditors, certification bodies, assessors, and internal stakeholders in support of successful audit and certification outcomes
  • Proven ability to assess control design and operating effectiveness, identify gaps, and drive remediation efforts through closure
  • Strong understanding of IT general controls, cybersecurity controls, risk management practices, and audit evidence requirements
  • Ability to work hands-on in audit execution, including planning, evidence gathering, documentation review, issue tracking, and follow-up activities
  • Strong analytical, organizational, and problem-solving skills with exceptional attention to detail
  • Excellent written and verbal communication skills, with the ability to communicate effectively with technical teams, business stakeholders, auditors, and executive leadership
  • Ability to prioritize multiple initiatives, manage competing deadlines, and maintain a high level of accuracy and accountability
  • Experience developing or improving audit procedures, documentation standards, and repeatable control validation processes preferred
  • Relevant certifications such as CISA, CRISC, CISM, CISSP, CCSP, ISO/IEC 27001 Lead Implementer or Lead Auditor, or HITRUST CCSFP preferred
  • Must demonstrate and embody Nordic’s maxims

Additional Details

  • Position will be remote
  • Travel up to 10% of the time

#LI-AH2

Nordic is an equal opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, marital or veteran status, or any other protected status under applicable federal, state, or local laws. We encourage individuals of all backgrounds to apply, including women, minorities, individuals with disabilities, and veterans.

Nordic Global

About Nordic Global

Healthcare leaders worldwide trust Nordic as their end-to-end strategic partner in navigating every step of health IT modernization. Our purpose is to help providers harness the power of technology to streamline operations, enhance clinician wellness, improve patient care, and achieve financial sustainability.

Nordic provides clients with KLAS-recognized solutions, including strategic advisory, managed services, digital and cloud initiatives, implementation and support, staffing, and enterprise resource planning (ERP) services. Nordic laboratory services provide expert resources that enable hospitals and health systems to drive clinical transformation and address today’s ever-changing environment.

Clients benefit from our global presence and extensive experience across the top health IT platforms. Our team of over 3,300 professionals brings deep healthcare experience, extensive technical knowledge, insightful strategic vision, and proven operational capabilities.

Industry
IT & Software
Company Size
1,001-5,000 employees
Headquarters
Madison, WI
Year Founded
2010
Social Media