We are seeking an expert-level Lead Compliance Auditor to lead, design, and enforce compliance and governance frameworks for a cloud-native US Healthcare Revenue Cycle Management (RCM) platform. This role requires deep knowledge of HIPAA, HITRUST, PCI DSS, SOC 2, GDPR, and enterprise security frameworks, alongside hands-on experience auditing full-stack applications, AI/ML pipelines, RPA workflows, cloud systems, BI platforms, and data pipelines.
As a Lead Compliance Auditor, you will assess, monitor, and strengthen compliance across the entire product lifecycle, including claims, scheduling, coding, collections, EDI, payments, patient data workflows, AI/ML-powered dashboards, and autonomous agents, ensuring end-to-end regulatory adherence and secure, audit-ready operations.
Compliance Auditing & Risk Management:
- Lead and execute audits for HIPAA, HITRUST, PCI DSS, SOC 2, GDPR, and internal enterprise compliance frameworks.
- Conduct end-to-end risk assessments across Healthcare RCM modules, AI/GenAI workflows, autonomous agents, and RPA pipelines.
- Audit full-stack applications (MVC, ASP.NET Core, React, SQL Server, APIs), BI dashboards (Power BI, Tableau, Looker), and cloud platforms (AWS, Azure, GCP).
- Evaluate data pipelines, ETL processes, and data warehouses/lakes (Snowflake, Redshift, Databricks) for security, accuracy, and auditability.
- Identify and mitigate regulatory, operational, and security risks across product, cloud, AI/ML, and RPA workflows.
Policy & Standards Development:
- Develop, implement, and enforce compliance policies, SOPs, and internal control frameworks for Healthcare RCM, AI/ML, RPA, and cloud systems.
- Standardize auditing processes for web, mobile, and cloud-based applications, ensuring regulatory alignment and risk mitigation.
- Establish governance for AI/ML models, GenAI, and autonomous workflows, ensuring explainability, fairness, and human-in-the-loop control.
- Maintain audit-ready documentation for dashboards, metrics, predictive workflows, and automated processes.
Technical Auditing & Monitoring:
- Audit cloud infrastructure (AWS, Azure, GCP), CI/CD pipelines, containerized applications (Docker, Kubernetes), and serverless components.
- Review AI/ML, GenAI, and Agentic AI workflows for regulatory compliance, model performance tracking, bias mitigation, and traceability.
- Audit RPA workflows (UiPath, Automation Anywhere, Power Automate) for exception handling, logging, and secure execution.
- Validate BI dashboards and reporting systems (Power BI, Tableau, Looker, SQL Server, Snowflake) for data integrity, role-based access, PHI masking, and auditability.
- Ensure PCI DSS compliance for payment workflows and HITRUST alignment for healthcare data security.
Cross-Functional Collaboration:
- Partner with Product, Engineering, AI/ML, RPA, Data, DevOps, Cloud, and BI teams to embed compliance into the development lifecycle.
- Provide guidance on secure, compliant, and auditable design of applications, dashboards, AI/ML models, and automated workflows.
- Coordinate with legal, risk, and security teams to respond to regulatory audits and customer compliance assessments.
Mentorship & Leadership:
- Lead and mentor junior and mid-level auditors, promoting best practices in compliance for Healthcare RCM, AI/ML, RPA, BI, and Cloud systems.
- Conduct compliance training across teams on HIPAA, HITRUST, PCI DSS, SOC 2, GDPR, and internal control frameworks.
- Serve as the final escalation point for critical compliance and audit issues.
Qualifications & Experience:
- Bachelor’s or Master’s degree in Accounting, Finance, Information Security, IT, or related fields.
- 10+ years of experience in compliance, auditing, or risk management roles, with 5+ years in a leadership position.
- Proven experience auditing Healthcare RCM platforms, AI/ML systems, cloud-native applications, and enterprise software.
- Expertise in HIPAA, HITRUST, PCI DSS, SOC 2, GDPR, and security frameworks for cloud, web, and enterprise applications.
- Hands-on experience auditing full-stack applications (MVC, ASP.NET Core, React, SQL Server, APIs), BI tools, and RPA workflows.
- Familiarity with DevOps, CI/CD pipelines, containerized deployments, serverless architecture, and automated data workflows.
Technical Expertise:
- Compliance & Audit: HIPAA, HITRUST, PCI DSS, SOC 2, GDPR, ISO 27001, internal policy frameworks
- Healthcare RCM Modules: Claims, Prior Authorization, Scheduling, Coding, Collections, Payments, Denials, AR, EDI (837, 835, 270/271, 276/277, 278)
- AI/ML & Agentic AI: Model governance, explainability, predictive analytics auditing, autonomous workflows
- RPA & Automation: UiPath, Automation Anywhere, Power Automate, workflow exception handling
- Cloud & DevOps: AWS, Azure, GCP, CI/CD pipelines, Kubernetes, Docker, Terraform, serverless
- Full-Stack Applications: MVC, ASP.NET Core, React, REST APIs, SQL Server
- BI & Analytics: Power BI, Tableau, Looker, Snowflake, Redshift, Databricks
- Office & Collaboration: MS Office Suite (Excel, PowerPoint, Word), Jira, Confluence, Miro, Teams
- Security & Governance: RBAC, PHI/PCI masking, secure data storage, audit logs, disaster recovery, encryption standards
Skillset:
- Strong expertise in risk assessment, auditing, and regulatory compliance.
- Ability to audit complex AI/ML, RPA, cloud, and full-stack environments.
- Excellent communication, stakeholder management, and documentation skills.
- Leadership and mentorship abilities to guide compliance teams.
- Strong attention to detail, critical thinking, and compliance-first mindset.
- Ability to translate regulatory requirements into practical controls and operational safeguards.
Strategic Impact:
- Ensure regulatory compliance across Healthcare RCM, AI/ML, RPA, Cloud, BI, and web/mobile platforms.
- Strengthen audit readiness, operational transparency, and customer confidence.
- Reduce compliance incidents, risk exposure, and regulatory penalties.
- Enable secure, compliant, and ethical adoption of AI/ML, GenAI, and autonomous workflows.
- Drive continuous improvement of enterprise compliance frameworks and governance processes.
Kindly Note: At Credence, we uphold the highest standards of integrity in our recruitment process. We do not charge any fees at any stage of the hiring process, and we strictly prohibit any third parties, vendors, or individuals from soliciting money in exchange for job opportunities at Credence.
If you are approached by anyone requesting payment or offering you a position at Credence in exchange for money, do not engage with them. Such actions are fraudulent and not authorized by Credence. Please report any such incidents immediately to our official HR team at [email protected].
Your safety and trust are important to us. Thank you for helping us maintain a fair and transparent hiring environment.