Job Summary

Responsible for overseeing the internal audit function and enterprise risk management program across the University of Maryland Medical System (UMMS). Provides independent, objective assurance and consulting services to evaluate and improve governance, risk management, and internal controls. Leads the development and execution of a risk-based audit plan, manages co-sourced audit partners, and ensures timely, impactful reporting to executive leadership and the Board. Drives the maturity of the ERM framework, fosters a culture of risk awareness, and integrates risk intelligence into strategic decision-making across the organization. Work is performed under general direction. Direct report to the Vice President, Compliance Operations.

Primary Responsibilities

The following statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all job responsibilities performed.

• Evaluate the effectiveness and efficiency of the governance, risk management, and internal control processes of UMMS and its affiliates.
• Lead the annual risk assessment process and develop a dynamic, risk-based Internal Audit Plan aligned with UMMS' strategic objectives in collaborate with senior leadership.
• Manage the execution of audit activities defined in the approved audit plan, ensuring timely delivery, quality standards, and adaptability to emerging organizational needs.
• Update audit strategies and priorities in response to changing risk conditions and communicate major updates to senior leaders and the Audit and Compliance Committee.
• Track and validate the implementation of corrective actions for audit findings. Facilitate reporting and escalate unresolved issues to senior management and the Audit and Compliance Committee.
• Support the preparation and presentation of audit results, risk insights, and recommendations to senior leadership, Audit and Compliance Committee, and the Board of Directors.
• Oversee Internal Audit's participation in critical business and technology initiatives and projects ensuring the audit's perspective is effectively voiced and appropriate controls are designed and implemented on a proactive basis.
• Coordinate with external auditors, regulators, and other internal control functions to align on audit scope, reduce duplication, and promote integrated assurance.
• Oversee the performance and deliverables of co-sourced internal audit partners to ensure they meet professional standards and UMMS expectations.
• Maintain and evolve the ERM framework and related processes to identify, evaluate, and manage enterprise-level risks.
• Partner with risk owners and business units to embed risk management practices into operational and strategic planning.
• Leverage data and analytics to manage risk and proactively identify risks and trends.
• Support risk governance efforts, including organizing, facilitating Enterprise Risk Committee meetings, and maintaining risk documentation.
• Develop and present ERM program metrics and reporting to the Audit and Compliance Committee, executive leadership, and other stakeholders.
• Promote an organizational culture of risk awareness, accountability, and continuous improvement.
• Support the coordination and oversight of activities performed by the co-sourced internal audit provider.
• Evaluate staff effectiveness and oversee development and implementation of training programs to improve performance.
• Oversee and perform managerial functions including hiring, training and development, and preparing performance reviews in accordance with UMMS policies and procedures.
• Perform other duties as assigned.

Knowledge, Skills, & Abilities

• Advanced knowledge of internal audit standards, frameworks, enterprise risk management principles, and best practices.
• Advanced knowledge of applicable federal and state laws, rules, and regulations.
• Advanced leadership skills, including situational awareness, conflict resolution, establishing alignment and clear direction, and driving continuous improvement.
• Demonstrated ability to lead and manage teams efficiently, prioritizing tasks, optimizing workflows, and establishing a goal-driven environment with clear procedures and performance metrics.
• Advanced skill in the use of data visualization tools (e.g., Power BI, Tableau, etc.).
• Advanced analytical, quantitative, qualitative, strategic thinking, planning, organizational, and problem-solving skills.
• Advanced skill developing and maintaining collaborative working relationships with all levels of leadership and staff.
• Advanced skill managing multiple initiatives and meeting changing requirements and priorities to accomplish objectives.
• Ability to judge the level of confidentiality of information/activities involved in and exhibit integrity in the use and dissemination of such information.
• Expert skill presenting findings, conclusions, alternatives and information clearly and concisely at all levels within the organization.
• Advanced skill using innovative thinking to solve problems and facilitate the decision-making process.
• Advanced skill in the use of Microsoft Office Suite (e.g., Excel, Word, PowerPoint).
• Expert verbal, written, and interpersonal communication skills.