Senior IT Compliance Analyst

The Senior IT Compliance Analyst will be responsible for supporting the development, implementation, and continuous improvement of our IT compliance framework. Your responsibilities will include IT controls testing, process reviews, risk assessments, and leading various compliance initiatives to ensure adherence to regulatory requirements and industry best practices.

Responsibilities

• ITGC and Application Controls Testing: Performing IT general controls (ITGC) and application controls testing in accordance with SOX and other regulatory requirements.
• Remediation: Identifying control gaps through assessments and process reviews, recommending remediation actions, and tracking resolution progress.
• Vendor Risk Management: Reviewing Service Organization Controls (SOC) reports and supporting third-party vendor risk management activities.
• Policy Development: Creating and maintaining IT policies and procedures with regular updates to reflect changes in the IT environment.
• User Access Reviews: Facilitating quarterly user access reviews, including quality reviews of deliverables.
• Log Review Monitoring: Conducting quarterly log reviews, including SAP firefighter logs and administrator activity logs.
• Compliance Training: Assisting in the development and delivery of IT compliance training and awareness initiatives.
• Audit Engagements: Supporting audit preparations and facilitating engagements with internal and external auditors.
• Documentation: Creating process flow diagrams to document workflows and controls.
• Ad-hoc Projects: Managing special IT compliance projects and additional responsibilities as assigned.

Requirements

• Bachelor s degree in Information Technology, Computer Science, Business, or a related field.
• Relevant certifications such as CISA, CIA, PMP, CRISC, or other technical certifications (preferred).
• 5+ years of hands-on experience in IT compliance, IT audit, or related roles, preferably in a fast-paced or high-growth environment.
• Familiarity with enterprise technologies, including SAP S/4 HANA, SAP GRC, and NetSuite.
• In-depth knowledge of SOX requirements including IT General Controls (ITGCs), Application Controls and Key Reports.
• Working knowledge of industry standards and frameworks, including SOC, PCI, NIST, and ISO standards (preferred).
• Strong problem-solving, analytical, and interpersonal skills with attention to detail.
• Excellent communication skills for effective collaboration with technical and non-technical stakeholders.
• Demonstrated ability to engage and work effectively with internal and external auditors.
• Self-motivated with the ability to work independently and manage multiple priorities with minimal supervision.
• Proactive attitude with adaptability to a dynamic, fast-paced environment.