At Owens & Minor, we are a critical part of the healthcare process. As a Fortune 500 company with 350+ facilities across the US and 22,000 teammates in over 90 countries, we provide integrated technologies, products and services across the full continuum of care. Customers—and their patients—are at the heart of what we do.

Our mission is to empower our customers to advance healthcare, and our success starts with our teammates. 

Owens & Minor teammate benefits include:

• Medical, dental, and vision insurance, available on first working day

• 401(k), eligibility after one year of service

• Employee stock purchase plan

• Tuition reimbursement

• The anticipated salary range for this position is ​$90,300.00 - $167,700.00 USD Annual. The actual compensation offered may vary based on job related factors such as experience, skills, education and location.

Qualifications:

• Execute recurring IT General Controls (ITGCs) and Application Controls across identity and access management, change management, backup validation, and system operations.
• Perform segregation of duties (SoD) checks and system role conflict reviews, documenting outcomes and flags for remediation.
• Carry out periodic access recertifications and user access reviews (UAR) across in-scope applications and infrastructure.
• Support daily/weekly control tasks such as security log reviews, backup job confirmations, and interface monitoring logs.
• Collect and upload evidence for each control execution on a recurring basis; ensure evidence is complete, timely, and appropriately formatted for audit.
• Maintain a centralized evidence repository, ensuring proper access control, versioning, and archival.
• Track upcoming deadlines for control performance and escalate potential delays to the compliance lead.
• Log identified issues, exceptions, or control gaps in the GRC tool or tracking system.
• Follow up with control owners for status updates and supporting documentation on remediation efforts.
• Participate in control validation testing post-remediation under the direction of audit or compliance leads
• Monitor workflow tickets related to SOX-relevant processes (e.g., access provisioning, change deployments).
• Operate within GRC or compliance systems (e.g., ServiceNow GRC, Workiva, AuditBoard) to input evidence, maintain audit trails, and run reports.
• Create and maintain control trackers, checklists, and operational dashboards for internal reporting.
• Draft or update control narratives, SOPs, flowcharts, and control matrices for IT SOX processes.
• Perform quarterly documentation refreshes for in-scope applications, systems, and control activities.
• Ensure system inventories, scoping documents, and access maps remain current with business/system changes.

Minimum Qualifications:

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or a related discipline.
• 6–10 years of experience in IT SOX operations, IT audit, or GRC support roles.
• Hands-on experience with access review processes, change ticket validation, and basic log verification procedures.
• Experience using tools such as AuditBoard, Workiva, or ServiceNow

Preferred Qualifications:

• Exposure to cloud environments (AWS, Azure) and SaaS application controls (e.g., Workday, Salesforce).
• Experience with public company audit cycles and control execution under deadlines.
• Familiarity with common compliance toolsets like AuditBoard, Workiva, or ZenGRC.
• Certifications like CISA, CRISC, or CompTIA Security+ are helpful

If you feel this opportunity could be the next step in your career, we encourage you to apply. This position will accept applications on an ongoing basis.

Owens & Minor is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, sexual orientation, genetic information, religion, disability, age, status as a veteran, or any other status prohibited by applicable national, federal, state or local law.