COVID-19 Vaccination Information

Across UPMC, our guiding principle is to always prioritize the safety of our employees, patients, and members. UPMC believes that vaccination is important, helps protect all, and advocates that everyone who can be vaccinated should be vaccinated.

UPMC complies with all governmental requirements related to local, state, and federal COVID-19 vaccination for employment. The Jan. 13 Supreme Court of the United States decision that the Centers for Medicare & Medicaid Services federal COVID-19 vaccine mandate will move forward requires UPMC to ensure employees either get vaccinated or receive a requested medical or religious exemption.

If you are not yet vaccinated, we urge you to get a vaccine now. You can schedule your COVID-19 vaccination through UPMC or visit a non-UPMC provider or UPMC Urgent Care location.

Proof of vaccination is not required upon hire; however, employees will be responsible for ensuring post-hire compliance by getting vaccinated or requesting a medical or religious exemption.

For more information about UPMC’s response to COVID-19, please visit

Search Our Jobs

   Current UPMC employees must apply in HR Direct

Manager, IT Audit & Compliance

  • Job ID: 739456925
  • Status: Full-Time
  • Regular/Temporary: Regular
  • Hours:
  • Shift: Day Job
  • Facility: Corporate Finance
  • Department: Internal Audit
  • Location: 600 Grant St, Pittsburgh PA 15219
  • Union Position: No
  • Salary Range: $49.22 to $83.58 / hour


UPMC’s Internal Audit department is looking to hire a motived Manager, IT Audit & Compliance!

The Manager, IT Audit and Compliance primary responsibility is to oversee and ensure the delivery of high-quality audit results, most of which will focus on information technology, in a timely manner in accordance with professional standards. Responsible for recruiting, mentoring, and developing auditors, as well as supporting them in their career objectives. Responsible for delivering consulting and audit reports to Executive and Line Management that are timely, reflect current regulatory and industry practices, and drive organizational improvement. Exercises delegated authority to make operational and personnel decisions in the absence of the IT Audit Director and/or Chief Audit & Compliance Officer and will assist them in developing risk assessments and the annual audit plan. The IT Internal Audit Manager will perform ongoing enterprise IT risk assessments, categorizing and ranking the risks, and adjusting the audit schedule or audit scope of work accordingly.

UPMC has a Center for Engagement and Inclusion that is charged with executing leading-edge and next-generation diversity strategies to advance the organization’s diversity management capability and its national presence as a diversity leader. This includes having Employee Resource Groups, such as Women Inspiring Talent in Heath Care in Finance (WITH) or PRIDE Health, that support the implementation of our diversity strategy. 

Apply today!



  • Department Goals: Successfully manages many competing demands and participates in developing the Audit Plan and specially designed projects on time and within budgeted hours. Monitors that auditors are productive and have adequate workload and informs IA Management of project statuses. Manages the department relationship with IT third party vendors including external auditors and contractors.
  • Leadership: Initiates, participates in, and leads departmental and organizational special projects. Possesses advanced public speaking and presentation skills and is comfortable leading opening and closing meetings, including explaining issues to executives and handling constructive disagreements to resolution. Proactively guides other auditors on their performance, career guidance, and can train auditors on appropriate tools and techniques of auditing. Provides timely completion of performance reviews on IT audit projects and IT staff. Responsible for maintaining IT job descriptions, understanding the state of the IT Audit industry, and evaluating and selecting applicants for open positions. Identifies and spreads best practices in the audit industry across the department with tools and guidance.
  • Risks & Industry: Leads risk assessment meetings. Responsible for quarterly assessing IT risks to the enterprise, categorizing, and ranking the risks, and compiling an audit schedule for presentation to UPMC Leadership. Able to perform advanced analysis of complex business processes identifying risks, controls, gaps, and process flow and design that could be reviewed with a client.
  • Technology: Possesses advanced knowledge of technology controls and configurations at a complex technical level for infrastructure, applications, and networking. Has developed specialized skills in specific technologies. Able to research and analyze new and complex technologies to identify key controls and risks and explain them to non-technical personnel. Stays current with new and emerging technologies. Possesses advanced knowledge of internal and external control expectations, frameworks, and regulations. Possesses advanced auditing and software skills with workpaper and process flowing and understands data mining technology. Overall accountability for the use and procurement of technology in the department.
  • Workpapers & Reports: Uses, approves, and initiates revision of the standard department templates and processes for performing audits. Capable of developing and approving advanced new work program sections and testing steps for complex processes and technology to be included in audit programs. Ensures workpapers, including those of other auditors needing review, are completed on time and evidence is validated to fully support conclusions and findings. Oversight and monitoring is provided over open follow-up items for IT so they are distributed in the department, proactively tracked, and review comments are closed within timeframes. Validates and identifies the root cause of complex issues and proposes valuable and effective solutions with knowledge of UPMC organization. Approves all workpapers and final IT report drafts for review by Audit Management.



  • Bachelors degree and 6 years related work experience, including 5 years of experience in Information Technology/Information Security/IT Auditing, AND Certification or Masters degree required.
  • Degree Preferences: Health Information Technology, Information Security, Computer Forensics, Computer Science, Information Technology/Systems.
  • IT Experience Preferences: IT Auditing, Information Security, Information Technology, Health Care Applications.
  • Representative IT Management Framework or Regulatory Experience Preferences: COBIT, HITRUST, ISO, ITIL, PMBOK, SOX (IT)
  • Certification Preferences: CISA, CISSP, CIA, PMP

Licensure, Certifications, and Clearances:

UPMC is an Equal Opportunity Employer/Disability/Veteran

Total Rewards

More than just competitive pay and benefits, UPMC’s Total Rewards package cares for you in all areas of life — because we believe that you’re at your best when receiving the support you need: professional, personal, financial, and more.

Our Values

At UPMC, we’re driven by shared values that guide our work and keep us accountable to one another. Our Values of Quality & Safety, Dignity & Respect, Caring & Listening, Responsibility & Integrity, Excellence & Innovation play a vital role in creating a cohesive, positive experience for our employees, patients, health plan members, and community. Ready to join us? Apply today.

   Current UPMC employees must apply in HR Direct

Security Alert

We are aware of scams targeting UPMC and other large companies that involve individuals posing as employees to illegitimately conduct interviews and extend false employment offers and payments to gain access to candidates' personal information. Please note that UPMC will not communicate with candidates through third-party email services like Gmail or Yahoo. While some interviews may take place via a video conferencing service, UPMC Talent Acquisition will not conduct interviews via Skype or Google Hangouts. UPMC will never ask for or disburse funds during the recruitment process. If you are hired into a role with a sign-on bonus or similar incentive, funds will be paid to you by UPMC after your start date.

If you suspect you have been a victim of a fraudulent UPMC job offer, please report the attempt using this form.