Brentwood, Tennessee, USA
28 days ago
Manager, Information Security Compliance (SOX ITGC)
Overview

Ardent Health Services (AHS) is a national health care services company headquartered in Nashville, TN. Through its subsidiaries, Ardent owns and operates nearly 200 sites of care. Our subsidiaries own and operate hospitals and multispecialty physician practices in six states. Ardent includes 30 hospitals, 4,423 patient beds, 23,000 employees, and 1,700 employed physicians. Within the industry, we are noted for recognizing that every hospital is as unique as the community it serves. This in-depth understanding of how health care works at the local level is one of our great strengths.

POSITION SUMMARY

The Manager, Information Security Compliance (SOX ITGC) will ensure the development and maintenance of SOX ITGC policies and procedures, manage the Risk and Control Matrix (RACM), monitor compliance, and conduct risk assessments. This position will work closely with IT leadership, subject matter experts, risk management, compliance, and Internal Audit to maintain a robust SOX ITGC compliance program.

Responsibilities

- Develop and implement policies and procedures to ensure compliance with SOX 404 regulations related to IT General Controls.
- Regularly review and update policies to reflect current standards and practices.
- Maintain the Risk and Control Matrix (RACM) by ensuring current control descriptions are accurately stated, effective, and aligned with SOX objectives.
- Continuously monitor the organization's adherence to SOX requirements, internal policies, and industry standards.
- Conduct systematic risk assessments to identify, evaluate, and prioritize risks related to SOX compliance.
- Facilitate team meetings to discuss compliance issues and updates.
- Design and monitor KPIs indicating the continued operating effectiveness of IT controls.
- Develop and conduct training programs to educate control owners on SOX compliance requirements.
- Coordinate internal audits to evaluate the effectiveness of IT controls and ensure compliance with SOX 404 regulations.
- Work with internal and external auditors to provide necessary documentation and support during audit processes.

Qualifications

Education & Experience:

- Bachelor's degree in Information Technology, Cybersecurity, Business Administration, or a related field.
- Five years of experience in information security compliance, IT Audit, or a related field.
- Experience working in highly ambiguous environments, with the capability to independently identify problems, develop solutions, and drive initiatives to completion.
- Certifications such as CPA, CISA, CRISC, or CISSP, preferred.
- Experience in the Healthcare industry and/or publicly traded companies, preferred.
- Experience with Ardent Key Systems: Epic, Lawson, Active Directory, and SailPoint, preferred.
- Experience with scripting languages such as SQL and PowerShell, preferred.

Knowledge, Skills & Abilities:

- Strong understanding of IT General Controls (ITGCs) and their role in SOX compliance, as well as familiarity with IT infrastructure and security architecture.
- Ability to understand business issues and objectives and translate them into compliance solutions.
- Familiarity with Microsoft O365 (Word, Teams, etc.) and ServiceNow, preferred.
- Exposure to Alteryx or related data analytics and automation tools, preferred.