Audit and Compliance Analyst

• Full time position, 3-5 days per week in office (not shift)
• Department: ASPIRE Managed Services
• Practice: Services Reliability Group
• Vetting Requirements: N/A

Role Summary:

We are seeking an experienced and results-driven IT Audit and Compliance Analyst who will be responsible for ensuring that the ASPIRE Global Service Centres IT systems, processes, and controls comply with internal policies, regulatory requirements, and industry standards. This role supports risk management efforts by conducting and participating in audits, identifying control gaps, and recommending improvements to strengthen the controls within the environment.

Key Responsibilities:

• Define concise and actionable audit findings, whilst planning the delivery of recommendations, including scoping and resource assignment
• Monitoring and reporting on the status of audit findings and compliance issues
• Participation in evaluations of ASPIRE GSC systems against regulatory and policy requirements (e.g. GDPR, ISO 27001, SOX)
• To create, publish and maintain a forward schedule of Audits for the wider stakeholder awareness
• Support external audits and regulatory inspections by providing requested documentation and explanations
• Collaborate with Practice IT teams and Security to assess compliance with internal policies and external regulations
• Evaluate the effectiveness of IT controls, i.e. related to access management, change management, data protection, and system operations
• Documentation of IT risks, controls, and mitigation activities
• Working in conjunction with IT Service Management Process owners, manage proposed updates / closure of identified gaps and improvements to service management processes and procedures
• Assist in the development and implementation of IT compliance frameworks and control testing programs
• Maintain up-to-date knowledge of relevant laws, regulations, and industry standards

Skills, Education & Qualifications:

• 3+ years in IT audit, IT compliance, or information security roles
• Familiarity with regulatory frameworks (e.g., SOX, GDPR, HIPAA) and standards (e.g., NIST, ISO 27001, COBIT)
• Experience with audit tools, Governance, Risk and Compliance platforms and risk assessment methodologies
• Strong analytical and problem-solving abilities
• Excellent written and verbal communication skills
• Ability to manage multiple priorities and work independently
• High attention to detail and integrity in handling sensitive information.