IT Governance & Compliance Analyst

Are you passionate about making a difference in peoples lives Do you enjoy working in a service-oriented industry If so this opportunity may be the right fit for you!

Modivcare is looking for an experienced IT Governance & Compliance Analyst to join our team supporting enterprise-wide IT governance risk management compliance and audit initiatives. This role is responsible for supporting security frameworks governance processes regulatory compliance activities and continuous improvement efforts that strengthen IT controls and reduce organizational risk. The ideal candidate will bring experience in IT governance compliance assessments audit coordination and process documentation while collaborating across technical and operational teams to support a strong security and compliance posture.

This position is based in our Denver office and requires on-site attendance five (5) days per week.

This role

• Develops documents and maintains IT governance processes policies and procedures aligned with industry frameworks and standards including NIST CSF and ISO 27001.

• Partners with IT teams to implement and support security policies governance controls and compliance initiatives across the enterprise.

• Facilitates external assessments and audits related to HITRUST ISO 27001 HIPAA and SOC 2 compliance including coordination with third-party assessors audit evidence collection remediation tracking and support of audit activities.

• Supports identity and access governance processes including documentation control validation and user awareness related to assigned responsibilities.

• Assists with cybersecurity incident response preparedness through process documentation testing employee training and response support activities.

• Evaluates and tests the IT control environment to ensure controls are operating effectively and organizational risks are appropriately identified measured and reported.

• Develops monitors and reports governance metrics including OKRs KPIs remediation activities vulnerabilities patch management and Plans of Action & Milestones (POAMs).

• Supports third-party risk management activities including vendor security assessments and alignment with organizational security policies and standards.

• Assists in the development maintenance and testing of IT General Controls (ITGCs) and compliance processes supporting HIPAA HITRUST ISO 27001 SOX SOC 2 and CCPA requirements.

• Supports internal and external audit activities through evidence collection control testing process improvement and remediation validation.

• Identifies opportunities to improve governance compliance and audit activities through process optimization scripting automation and emerging AI-assisted capabilities.

• Ensures customer and regulatory compliance commitments are maintained and completed in a timely manner.

• Participates in additional projects and duties as assigned including occasional business travel as required.

• This role does not have direct supervisory responsibilities.

We are interested in speaking with individuals with the following

• Bachelors Degree in Computer Science Computer Engineering Management Information Systems Information Security/Cyber Security or a related field required.

• Three (3) or more years of experience in IT governance information security risk management compliance or related areas.

• Experience supporting external audits and compliance assessments including HITRUST ISO 27001 and SOC 2 preferred.

• CISSP ITIL GIAC or related certifications preferred.

• Equivalent combinations of education and experience may be considered.

• Familiarity with IT governance frameworks industry standards and best practices including NIST CSF and ISO 27001.

• Knowledge of regulatory and compliance requirements including HIPAA HITRUST ISO 27001 SOX SOC 2 and related IT control frameworks.

• Experience supporting audits assessments compliance reviews and remediation activities.

• Understanding of IT General Controls (ITGCs) risk management principles identity and access management vulnerability management and third-party risk management concepts.

• Ability to analyze IT systems processes and controls to identify risks gaps and improvement opportunities.

• Ability to develop and maintain policies procedures standards controls narratives and governance documentation.

• Familiarity with scripting automation platforms and AI-assisted technologies used to improve governance compliance audit or operational processes.

• Strong analytical problem-solving organizational and documentation skills with attention to detail.

• Effective verbal and written communication skills with the ability to collaborate across technical and non-technical teams.

Salary: $80150 $105450

Modivcares positions are posted and open for applications for a minimum of 5 days. Positions may be posted for a maximum of 45 days dependent on the type of role the number of roles and the number of applications received. We encourage our prospective candidatesto submit their application(s) expediently so as not to miss out on our opportunities. We frequently post new opportunities andencourage prospective candidates to check back often for new postings.

We value our team members and realize the importance of benefits for you and your family.

Modivcare offers a comprehensive benefits package to include the following:

• Medical Dental and Vision insurance
• Employer Paid Basic Life Insurance and AD&D
• Voluntary Life Insurance (Employee/Spouse/Child)
• Health Care and Dependent Care Flexible Spending Accounts
• Pre-Tax and Post --Tax Commuter and Parking Benefits
• 401(k) Retirement Savings Plan with Company Match
• Paid Time Off
• Paid Parental Leave
• Short-Term and Long-Term Disability
• Tuition Reimbursement
• Employee Discounts (retail hotel food restaurants car rental and much more!)

Modivcare is an Equal Opportunity Employer.

• EEO is The Law - click here for more information
• Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
• We consider all applicants for employment without regard to race color religion sex sexual orientation national origin age handicap or disability or status as a Vietnam-era or special disabled veteran in accordance with federal law. If you need assistance please reach out to us at