About Us Integrity Management Services, Inc. (IntegrityM) is an award-winning, women-owned small business specializing in assisting government and commercial clients in compliance and program integrity efforts, including the prevention and detection of fraud, waste and abuse in government programs. Results are achieved through data analytics, technology solutions, audit, investigation, and medical review. At IntegrityM, we offer a culture of opportunity, recognition, collaboration, and supporting our community. We thrive off of these fundamental elements that make IntegrityM a great place to work. Our small, flexible workplace offers an exceptional quality of life and promotes corporate-driven sustainability. We deliver creative solutions that exceed goals and foster a dynamic, idea-driven environment that nurtures our employees’ professional development. Large company perks…Small company feel! www.integritym.com In this role, the Medicaid Audit and Compliance Specialist will be responsible for performing and reporting on Medicaid Managed Care Plans and providers to identify potential fraud, waste, and abuse; issue findings and recommendations; and identify improper payments. Audit assignments can be programmatic or financial and may range from desk reviews and/or onsite review activities as determined by federal and state regulations. Specific review types may include case management, program payment appropriateness, program and policy compliance, billing, coding and medical record documentation reviews, as well as research and analysis of industry trends. The Medicaid Audit and Compliance Specialist will perform audits as assigned which consist of but are not limited to performing licensing and exclusion reviews on providers and work with the medical staff to ensure services are reimbursed meet regulatory requirements. The Medicaid Audit and Compliance Specialist will work independently as well as collaboratively with other audit staff.    Job Responsibilities:   - Applies in-depth knowledge of federal and state regulations and healthcare industry standards.    - Comprehends and follows auditing plans and methodologies specific to contract requirements.     - Prioritization and assignment of workload, ensuring adherence to task order policies and procedures.    - Examines and calculates data from financial documents and statements such as provider cost reports as a method of audit.     - Utilize data mining and trend analysis tools to detect anomalies in Medicaid billing and payment patterns.    - Attend on-site audits to retrieve medical records and conduct provider entrance/exit conference.     - Prepare and submit medical record request letters to providers associated with requests for medical record requests or suspension overpayment determinations.    - Interpret and apply pertinent laws, regulations, policies, and procedures relevant to the specific audit findings and provider type being audited.    - Ensure Generally Accepted Government Auditing Standards (GAGAS) standards are applied to each applicable audit to identify fraud, waste or abuse.    - Preparing factual and objective written reports in conformance with professional auditing and evaluation standards and present findings to leadership, external agencies, and government partners.    - Calculates improper payments, and issues findings, recommendations, and corrective actions in accordance with applicable regulations, policies and procedures.     - Prepare and send suspension overpayment determinations to providers when applicable.     - Communicates with federal/state agencies and providers regarding issues such as general regulatory compliance, audit findings, and the recovery process.    - Attends briefings and presentations as assigned.    - Maintains fraud case development quality standards so that proper case development is ensured, and quality cases are fully prepared.     - Maintains proper and timely updates in appropriate tools and applications for their investigations. Case development databases and documents.    - Develops and documents reports of investigative findings, compiles case file documentation, calculates improper payments, and issues findings, recommendations, and corrective actions in accordance with applicable regulations, policies and procedures.     - Program research relating to federal program applications, eligibility, payments, and other program requirements.     - Conducts on-site visits and/or interviews as required for investigation.     - Identify weaknesses in current audit processes and recommend enhancements for improved efficiency and effectiveness.    - Performs ad hoc tasks/duties as assigned.

Overview Build the Future At McGraw Hill, we are dedicated to delivering digital learning experiences that transform education for learners and educators. Our focus is on creating seamless, impactful products that truly benefit our users while supporting growth and collaboration across teams. We foster a culture that values innovation, teamwork, and a balance between career growth and personal well-being. How can you make an impact? The Director, IT Internal Controls & Risk Compliance for the Digital Enterprise Solutions (DES) organization leads the company’s Sarbanes-Oxley (SOX) compliance implementation and establishes a scalable and sustainable IT control and governance framework appropriate for our dynamic environment. This role serves as the primary IT lead for SOX compliance, partnering with DES leadership, Finance, Internal Audit, and External Audit to design, document, test, remediate, and standardize controls across a complex landscape including McGraw Hilll’s digital products, Oracle ERP, data and analytics environment, and multiple in-scope financial and operational applications. The ideal candidate leverages deep IT audit experience, strong technical understanding of complex multi-system environments, and exceptional leadership skills to drive compliance and mature our IT governance program, evolving beyond initial SOX implementation into broader risk management leadership. This is a remote position open to applicants authorized to work for any employer within the United States. What You'll Do: - Audit Execution and Risk Assessment: Plan and develop audit scope for complex assessments including SOX and SOC2 audits; participate in end-to-end engagements from planning through risk assessment, execution, reporting, issue validation, and follow-up; apply a robust understanding of business and IT risks and how controls address these risks. Provide advisory support to Internal Audit on operational or non‑SOX IT audits as needed. - Internal Controls & Remediation: Provide guidance to control owners on designing and implementing effective controls, ensure timely remediation of deficiencies, recommend improvements; design and implement controls for new entities and evolving business processes; support SOX readiness initiatives and system implementations to embed business, IT, and automated controls appropriately. - SOX and Compliance Expertise: Apply strong knowledge of SOX requirements, internal control frameworks (COSO, COBIT, NIST), and risk assessment principles to identify control gaps, assess risks, and recommend practical, business-focused solutions; effectively communicate SOX control concepts, audit findings, and remediation expectations to process owners and management, including senior leadership - IT Controls Implementation & Sustainment: Lead evaluation and implementation of IT General Controls—including user access provisioning/deprovisioning and periodic reviews, segregation of duties considerations, change management and release controls, and operations controls (interfaces, batch processing, backups, monitoring); assess and document controls across complex application landscapes such as digital products, Oracle ERP, legacy/custom, and SaaS; maintain comprehensive risk & control matrices, narratives, and system architecture documentation; partner with Finance and other stakeholders to identify IT-dependent controls and support audit walkthroughs and testing. - Program Development & Sustainability: Participate in the building of an enterprise IT risk and compliance program beyond initial SOX implementation; maintain an inventory of in-scope applications, infrastructure, and related risks; align IT risk management with enterprise and DES risk initiatives; support development of IT policies and standards, and the creation of metrics for executive, Committee, and Audit reporting; integrate recognized governance frameworks and establish sustainable compliance monitoring processes. - Collaboration & Coordination: Coordinate audit activities with external auditors to maximize efficiency, leverage work performed, and minimize disruption to the business; build strong relationships across DES, IT, Finance, Internal Audit, and business partners; collaborate effectively to partner across functions and stakeholders. Who You Are: - 7+ years of progressive experience in IT audit, IT risk management, or SOX compliance within a complex corporate environment. - Proven track record in planning and executing internal, SOX (Business & IT), operational, and IT audits - Experience supporting SOX implementations or major control transformations preferred - Experience working with PCAOB‑regulated auditors - Familiarity with audit management tools - Big 4 or equivalent public‑company experience preferred - Advanced understanding of internal control frameworks and risk assessment methodology - Exceptional leadership, communication, problem-solving, critical thinking, and stakeholder management capabilities - Ability to coach and guide control owners; demonstrated ability to build consensus and work across a matrixed organization. Why work for us? The work you do at McGraw Hill will be work that matters. We are collectively building experiences that will help shape the future of education. Play your part and experience a sense of fulfilment that will inspire you to even greater heights. The pay range for this position is between $124,000 - $165,000 annually. However, base pay offered may vary depending on job-related knowledge, skills, experience, and location. An annual bonus plan may be provided as part of the compensation package, in addition to a full range of medical and/or other benefits, depending on the position offered. Click here to learn more about our benefit offerings. McGraw Hill recruiters always use a “@mheducation.com” email address and/or from our Applicant Tracking System, iCIMS. Any variation of this email domain should be considered suspicious. Additionally, McGraw Hill recruiters and authorized representatives will never request sensitive information in email. 50606

Role Description This position is primarily focused on information security governance and compliance activities and plays a key role in supporting the organization’s Information Security compliance program within a highly regulated healthcare environment. The role is responsible for executing and improving governance and compliance processes related to regulatory alignment, audit readiness, policy management, client assurance activities, and control documentation, with primary emphasis on HIPAA, HITRUST, SOC 2, and FedRAMP, in addition to other regulatory or contractual requirements. Working under the direction of the AVP, Information Security, this role helps inform process and program improvements while primarily supporting execution of governance and compliance activities across the organization. Qualifications - 5-8+ years of experience in Information Security Compliance, IT Compliance, Healthcare Compliance, Governance, or audit-related roles - Experience in the healthcare industry is preferred. - Experience supporting HITRUST, SOC 2, HIPAA, FedRAMP, and related audit or compliance activities. - Understanding of IT technical controls and the ability to translate regulatory audit, and contractual requirements into documentation, evidence, and control expectations. - Strong understanding of governance processes, compliance operations, and audit readiness practices. - Experience working with governance/compliance or GRC tools preferred. - Knowledge of security and compliance frameworks such as HITRUST, HIPAA, SOC 2, NIST, or ISO 27001. - Certifications such as CISA, CISM, CISSP, or HITRUST-related credentials are preferred. - Excellent communication skills (written, verbal and listening); able to clearly communicate complex information in an easy to understand manner; able to deliver message effectively verbally and in writing. - Ability to present to small and midsize audiences. - Ability and willingness to learn and maximize the use of technology relevant to job responsibilities. - Ability to maintain confidentiality of sensitive information. - Ability to work independently as well within a team. - Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines. - Ability to be flexible when there are schedule or priority changes and last-minute requests. - Ability to travel as needed to Company locations and third-party locations within the US. - Required licensures, professional certifications, and/or Board certifications as applicable. - Individual in this position must be able to work in a standard office environment which requires sitting and viewing monitor(s) for extended periods of time, operating standard office equipment such as, but not limited to, a keyboard, copier and telephone. Requirements - Maintain compliance documentation, control inventories, evidence repositories, and regulatory/control mappings to effectively demonstrate adherence to healthcare, information security, and contractual requirements. - Support compliance assessments, readiness reviews, and control validation activities to confirm alignment with regulatory, audit, and contractual requirements. - Provide guidance to control owners regarding compliance obligations, documentation expectations, evidence collection, remediation activities, and audit readiness. - Develop and maintain compliance metrics, dashboards, and reporting to support visibility into governance and compliance activities. - Support the development, documentation, and improvement of governance and compliance processes to enhance consistency, audit readiness, regulatory alignment, and operational efficiency. - Provide input into ongoing maturation of governance and compliance processes and help execute approved improvement initiatives. - Support administration, reporting, workflow updates, and ongoing enhancement governance and compliance tooling used to manage requirements, evidence, and related activities. - Assist with requirements gathering, testing, reporting improvements, and workflow updates governance and compliance tooling, as needed. - Stay current on relevant regulatory requirements, audit expectations, and information security compliance and assurance practices; recommend updates to documentation, controls, policies, standards, and procedures as needed. - Support audit and assurance activities related to HIPAA, HITRUST, SOC2, client requirements, security questionnaires, and other applicable reviews or certifications by coordinating evidence collection, reviewing documentation, validating control statements, supporting control owners, and tracking remediation activities. - Assist with responses to client security questionnaires, due diligence requests, and customer audit inquiries in partnership with stakeholders across Security, Technology, Legal, and other teams. - Lead and support the development, review, maintenance, and updating of information security policies, procedures, standards, and related documentation to align with regulatory requirements, audit expectations, healthcare industry standards, and contractual obligations. - Assist with the development and implementation of the organization’s security awareness training to ensure alignment with compliance requirements. - Identify opportunities to improve governance, compliance, audit readiness, and related documentation/process effectiveness across the organization. - Support other governance, compliance, and related assurance activities as assigned. - Collaborate, coordinate, and communicate across disciplines and departments with colleagues in Information Security, Technology, Legal, Internal Audit, and others. - Demonstrate Company’s Core Competencies and values held within. Benefits - Medical, dental and vision coverage with low deductible & copay - Life insurance - Short and long-term disability - Paid Parental Leave - 401(k) + match - Employee Stock Purchase Plan - Generous Paid Time Off – accrued based on years of service - 10 paid company holidays - Tuition reimbursement - Flexible Spending Account - Employee Assistance Program - Sick time benefits – for eligible employees, one hour of sick time for every 30 hours worked, up to a maximum accrual of 40 hours per calendar year, unless the laws of the state in which the employee is located provide for more generous sick time benefits Company Description Claritev is an Equal Opportunity Employer and complies with all applicable laws and regulations. Qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status.

• Deliver specific course content in an online environment • Provide instruction, support, and guidance to students • Manage the learning process and focus on individual student needs • Monitor student progress through the learning management system • Communicate with parents and related service staff • Develop compliant IEPs, progress reports, and special education documentation • Lead collaborative special education meetings • Analyze student data to prescribe remediation and enrichment