Manager of IT Audit & Compliance

  • 75 State St, Boston, MA 02109, USA
  • Full-time

Company Description

American Well, a national leader in the rapidly growing field of telehealth, seeks a highly motivated and professional Manager of IT Audit & Compliance. We partner with the top health systems, health plans, employers, and digital health companies to deliver video doctor visits over mobile and web. We are changing the way healthcare is delivered by enabling every doctor to use telehealth with their patients, making care more accessible, affordable and convenient. Our goal is to bring care home.


Brief Overview:


The Manager of IT Audit & Compliance will play a critical role in Hosting department. Specifically, the Manager of IT Audit & Compliance will be responsible for leading American Well’s ongoing IT Audit and certification program. This position requires an understanding of Information Systems and standards as they relate to compliance and the protection of sensitive data. We are looking for a high energy security professional to lead our compliance program. This candidate will report to the Director of Network Security and Operations and plays a major role in our security management and certification process. The candidate will ensure that all security documentation is maintained and kept current with regard to evolving standards.  As the Manager of IT Audit and Compliance, a large part of your time will be responding to security questionnaires, audits, and the findings of your own ongoing risk assessment process. This position requires a thorough understanding of the security domains and compliance programs. A strong knowledge of compliance and customer-facing interactions is desired.













Job Description


  • Strong hands-on experience managing compliance objectives of PCI DSS, GDPR, ISO 27001, HIPAA, HITRUST, NIST, FedRAMP.
  • Review and evaluate IT environment including IT systems, processes, and controls to ensure compliance with prevailing requirements
  • Work with internal teams to ensure compliance with requirements, and standards   
  • Prepare formal written reports providing recommendations for management to strengthen and improve operations in addition to identifying cost or efficiency savings
  • Performs other compliance and audit related projects as assigned
  • Ability to influence change among multiple technical teams
  • Create and maintain metrics to measure effectiveness of compliance program
  • Provide independent, objective testing documentation  
  • Evaluate corrective actions implemented as a result of internal and external audit
  • Test company activities for compliance with regulatory and company requirements
  • Recommend and negotiate additional corrective measures when necessary
  • Assist with planning and execution of individual audits
  • Conducting audit planning activities and preparing or revising audit programs to accomplish audit objectives






  • Experience supporting the sales process through work on security questionnaires and client security assessments.
  • Understanding of risk assessment process, risk-based security model
  • Experience with issues of information security and privacy, especially as they relate to delivering healthcare. 
  • Candidate must be capable of coming up to speed quickly, working with little oversight and communicating in a clear and concise manner at all times
  • 5+ years of experience as an IT Auditor, Information Security Analyst or similar role


Additional Information

Your Team:


Should you join American Well and the Hosting team, you can expect:


American Well’s Operations group is a mission-focused technology team made up the best and brightest technical talent.  Operating out of our Boston headquarters, our engineers specialize in Information Technology, Cyber Security & Compliance, Hosting Operations, Business Intelligence, Kiosk Operations and Network Engineering.  We operate a state of the art Cyber Command Center designed specifically to manage and protect our global telehealth infrastructure.


We leverage the latest technologies including an array of deployment and management tools as well as several cyber threat intelligence networks to keep our systems running smoothly around the clock.


If you enjoy working hard, challenging yourself, and staying at the cutting edge of technology, this is the team for you. 


Working at American Well


American Well is changing how care is delivered through online and mobile technology. We make online doctor visits accessible to everyone for one-off care issues like colds or infections, and chronic condition management, such as diabetes or depression. We make the hard work of healthcare look easy and that requires a mission-driven mentality. We’re a “go getter” culture that pride itself on smarts, initiative, creative thinking, and a strong work ethic.

Our corporate headquarters are located in downtown Boston at 75 State Street –in the heart of the city. In addition to the opportunity to build the future of healthcare technology and a great location, we offer:

•       Three weeks of vacation time

•       401K match

•       Competitive healthcare, dental and vision insurance plans

•       Free gym access – on-site

•       Drop-off/pick up dry cleaning service

•       Prime office space with views overlooking all of Boston

•       Complimentary snacks and drinks