ABOUT UT SOUTHWESTERN MEDICAL CENTER
The University of Texas Southwestern Medical Center ranks among the top academic medical centers in the world. Its faculty members – who are responsible for a broad array of groundbreaking biomedical research advances – are respected for their dedication to teaching and patient care. The medical center has three degree-granting institutions: UT Southwestern Medical School, UT Southwestern Graduate School of Biomedical Sciences and UT Southwestern School of Health Professions. The schools train about 3,600 medical, graduate, and allied health students, residents, and postdoctoral fellows each year.
Our great medical center offers outstanding patient care in addition to fine teaching and innovative research. We emphasize compassionate medical treatment. UT Southwestern’s physicians are equipped to bring the latest laboratory findings to each patient. We provide inpatient care to nearly 100,000 people and oversee approximately 1.9 million outpatient visits annually. UT Southwestern has approximately 18,000 employees and an operating budget of approximately $3.4 billion.
The Director Internal Audit – IT/Operations will work under minimal supervision to provide advanced administrative guidance and direction for the Internal Audit Office under the leadership of the Vice President and Chief Audit Executive. He or she will proactively lead strategic initiatives to advance Internal Audit services and value to UT Southwestern Medical Center, enhance audit effectiveness, and support Internal Audit team growth and development.
- Lead and direct audit activities, with accountability for the planning, alignment, execution and reporting of audit activities in accordance with approved audit plans.
- Assist with carrying out department initiatives designed to increase value of the Internal Audit department to the UT Southwestern community.
- Lead the annual IT risk assessment process while maintaining awareness of current and emerging risks to the UT Southwestern information technologies and infrastructures that support the institution and its partners
- Lead the advancement of agile auditing, data analytics and robotics process automation to automate tasks, expand audit coverage and increase Internal Audit team efficiency
- Provide insights into evolving transformational business imperatives that are highly integrated with technology capabilities
- Identifies innovative practices and procedures that result in entity-wide high performance through analysis and previous learnings
- Add value to UTSW through great communication and alignment with IR, Information Security and Operational senior management
- Perform a wide variety of duties requiring a thorough understanding of institutional processes, systems, functions, programs, and policies.
- Interact with senior leadership across the institution to provide consultation and participate in key initiatives.
- Establish performance measures, conduct monitoring and perform continuous quality assurance of the department to ensure compliance with professional internal audit standards, and UT System policies and procedures.
- Provide coaching and mentoring and encourage improved performance to become a best practice internal audit function.
- Participate in organizational committees to provide valuable insights into evolving transformational business initiatives related to risks and controls.
- Responsible for design, execution, and effectiveness of a system of internal controls, which provides reasonable assurance that operations are effective and efficient, assets are safeguarded, and financial information is reliable.
- Ensure compliance with applicable laws, regulations, policies, and procedures. Maintain confidentiality as appropriate.
- Oversee budget expenditures and scheduling.
- Oversee supervisors and/or subordinate managers to include establishing priorities.
- Proactively lead strategic initiatives to advance Internal Audit programs, enhance audit effectiveness and support Internal Audit team growth and development
Perform other duties as assigned
Bachelor’s degree in Business, Finance, Management Information Systems, or a related field, and ten (10) years’ related audit experience, to include at least 5 years in a managerial or leadership capacity leading audit teams in area of responsibility (e.g., IT, Financial) is required. Healthcare and/or higher education industry experience strongly preferred. Public accounting or consulting experience is highly desirable. Related certifications, depending upon area of assigned responsibility (such as CISA, CPA, CIA, CISSP, etc.), required. EPIC, Oracle, PeopleSoft and/or Power BI experience highly preferred.
KNOWLEDGE, SKILLS, & ABILITIES
- Work requires ability to ensure adherence to all policies and procedures of university, and the ability to work with confidential information as appropriate.
- Work requires ability to effectively interpret and apply organizational policies, procedures, and systems.
- Work requires excellent written and verbal communication skills and ability to collaborate with individuals at all levels of the organization.
- Work requires ability to monitor and maintain budget.
- Work requires proven ability to manage multiple complex assignment and projects and exercise decision-making and problem solving skills.
- Work requires ability to manage, plan, organize, coordinate, and supervise work of employees as necessary to ensure desired results are achieved.
- Work requires the ability to identify risks and exposures and work with management in adopting practices to minimize risks.
- Work requires the ability to facilitate discussions and work with management to solve complex issues.
- Work requires the ability to motivate the audit teams to assist in leading the function to become a best practice department.
- Work requires the ability to motivate, lead/performance manage individuals in a diverse team
- Work requires an effective communicator, relationship builder and a manager of expectation.
- Work requires a deep understanding of IT Security posturing, threat/impact analysis, IT General Controls, IP Protection, DLP, Encryption, Network, Firewall, SEIM, DMZ, core IT processes, controls, platforms and systems, etc.
- Work requires an expert level knowledge of and experience in application of generally accepted IT management, technology and security risk frameworks
- Work requires proven knowledge of Cyber audit best practices, tools/techniques and emerging trends
The following is the acronym, “PACT”, and is fundamental to all non-clinical positions at UT Southwestern Medical Center:
- P-Problem Solving: Employees take ownership in solving problems effectively, efficiently, and to the satisfaction of customers, or managers. They show initiative in addressing areas of concern before they become problems.
- A-Ability, Attitude and Accountability: Employees exhibit ability to perform their job and conduct themselves in a professional and positive manner reflecting a professional environment readily assuming obligations in a dependable and reliable manner.
- C-Communication, Contribution, and Collaboration: Who are our Customers? Anyone who requests our help, needs our work product, or receives our services. Employees focus on customer service with creative solutions while improving the customer experience through clear, courteous, and timely delivery and communication. Sharing ideas with others helps expand our contribution to department goals.
- T-Teamwork: Employees work to contribute to the department’s success by supporting co-workers, promoting excellence in work product and customer service, and in maintaining a satisfying, caring environment for each other.
UT Southwestern Medical Center is committed to an educational and working environment that provides equal opportunity to all members of the University community. In accordance with federal and state law, the University prohibits unlawful discrimination, including harassment, on the basis of: race; color; religion; national origin; sex; including sexual harassment; age; disability; genetic information; citizenship status; and protected veteran status. In addition, it is UT Southwestern policy to prohibit discrimination on the basis of sexual orientation, gender identity, or gender expression.
Security: This position is security-sensitive and subject to Texas Education Code 51.215, which authorizes UT Southwestern to obtain criminal history record information