Description
Pasadena, CA 91101
Position type: w2
Contact duration: 12months + (strong possibility of extension)
The SOX Sr. Business Analyst will be required to know and learn the Kaiser SOX IT General Controls (ITGCs), including maintaining standards, providing strategic approaches for sustainability. Develop database solutions for new and changed SOX requirements. Support overall SOX, PCI, and HIPAA projects for the Database Services department.
Responsibilities:
This Sr. SOX Business Analyst will work with the DBAs, Project Managers, and Management to maintain and update the database SOX processes, standard procedures, and enforcement of processes to enable compliance with SOX control requirements.
Assist Project Manager and Management with the delivery of Database Services SOX and HIPAA initiatives, remediation and sustainability.
Coordinate and facilitate project meetings across multiple initiatives, remediation and sustainability processes for SOX and HIPAA, and other Database projects.
Execute and coordinate database remediation strategy for the SOX findings
Review internal procedures to ensure compliance under SOX, PCI, and HIPAA policies.
Assists in implementing, configuring and maintaining database compliance reporting tools.
Works collaboratively with staff to ensure SOX, PCI, and HIPAA compliance.
Works closely with external auditors to supply testing evidence for compliance audits.
Participates in regular department change management reviews.
Creates and reviews privileged-user database activity and database access reports for Sarbanes-Oxley compliance. Ensures management reviews and approves these reports and then stores reports in StarTeam.
Work with DBA to run/gather Database Activity reports, Technical Security Setting (TSS) reports for Sarbanes-Oxley compliance.
Consistently support compliance and the Principles of Responsibility (Kaiser Permanente's Code of Conduct) by maintaining the privacy and confidentiality of information, protecting the assets of the organization, acting with ethics and integrity, reporting noncompliance, and adhering to applicable federal, state and local laws and regulations, accreditation and licenser requirements (if applicable), and Kaiser Permanente's policies and procedures.
Perform change management activities using enterprise tools.
Assist Project Manager with managing SOX, HIPAA, and Database related projects using: project management, budgeting and financial tracking controls. Provides project reporting to project sponsors.
Assist Project Manager with running project meeting, take meeting minutes, and following-up on action items.
Maintain and update the Database Services project in NIKU RPM for tracking Core projects and adding resources to tasks.
Develop, maintain, and run metric reports for Database Services using Business Objects and Excel.
Manage and follow-up on all Database Services procurement within Ariba and Onelink.
Perform some administrative tasks such as processing department invoice reimbursement, coordination/follow-up with recruitment interviews, ordering office supplies, and other tasks as needed.
Basic/Minimum Qualifications
A Bachelor's degree in Computer Science or a related discipline, or equivalent experience
2 years of experience with RDBMS such as Oracle or SQL Server
7 years experience in information technology and diverse technological environments, business requirements gathering, process improvement, project coordination/management, SDLC- full life cycle implementation.
5 years experience as a Business Analyst or similar job function.
Knowledge of database security requirements related to Sarbanes-Oxley, Payment Card Industry Data Security Standard and Health Insurance Portability and Accountability Act.
Strong verbal communication skills
Ability to work with all levels of staff, management, external auditors
Team-Oriented and strong interpersonal skills
Must have analytical ability, excellent written communication, strong judgment, problem analysis techniques, process improvement, project management, gathering business requirements, knowledge of database administration, along with a broad knowledge of diverse data administration methodologies, database technologies, tools, and alternatives.
Preferred Qualifications
Have solid hands-on experience in developing database solutions for SOX, PCI, and HIPAA compliance.
Experience with multi-platform DBMS administration skills, such as DB2 z/OS, Oracle/UNIX, SQL Server, or Sybase is a plus.