IT Compliance Analyst

IT Compliance Analyst with at least 3 years of experience in tasks related to: corporate, internal, Sarbanes-Oxley (SOX) auditing, testing of controls, IT process definition/implementation/consulting/compliance, and issue/deficiency remediation. Strong communication, interpersonal and negotiation skills are required to communicate/negotiate with both internal/external auditors, as well as process owners.

Job responsibilities include but are not limited to:

- Managing or coordinating audits for SOX or Corporate/Internal ICT Auditors, as well as supporting and managing audit tasks, gathering evidence required for audits, working with Control/Process Owners to fix audit related issues.

- Interpret IT audit requirements from different audits and devising ways to improve existing IT processes and controls across different IT environments.

- Identifying risks and being able to work/provide advice on developing, documenting, and maintaining IT policies, procedures, processes, standards and control documents.

- Consult, train, and work with IT/Business Management (IT Managers and Business Process Leads) when implementing/modifying IT processes.

- Periodic status reports to Sr. Management (IT Leadership and Finance/Accounting Department) on control audit status, audit issues/deficiencies, process/procedure implementation and/or compliance findings.

Qualifications, Experience and Competency Requirements:

Education:

Bachelors or Masters in computer related fields such as Computer Science, Information Systems or Management Information Systems.

Experience

Essential:

- 3+ years of Audit or IT Risk and Compliance work at a medium/large IT organization.

- In-depth knowledge on best practices for the following key processes

IT Program Change Tools and Process

IT Software/Code/Program Development

IT Application/Tool Maintenance

IT Security Management

IT Project Management

IT User Access Management

Operating System (Mainframe, Unix, Windows), Network and Database

Security/Access Management Concepts

Data Privacy

Managing or coordinating multiple audits, facilitating audit exceptions/issues to remediation within a timely manner, and prioritizing audit concerns/questions in a risk oriented manner.

Job Description

Desirable:

- Great knowledge of COBIT/COSO/ITIL/ISO 27001 framework.

- Experience/Knowledge of ERP applications security, specifically SAP Security and PeopleSoft Security.

- Experience/knowledge of business intelligence/reporting/data analytical softwares like Qlikview, Cognos, IBM Business Objects, and Essbase.

- Experience/knowledge of tools such as Service Now, Serena Dimensions, and Github.

- Audit management experience with GRC tools such as Bwise and Workiva.