As an IT compliance analyst, you will assist in the assessment of technology-related compliance issues across the organization including information security, identity management, user access, configuration management and data integrity. This includes working with systems owners and administrators to identify, document and monitor current risks and controls.
The successful candidate will monitor and measure ongoing compliance with regulations, interpret regulatory and business requirements and their impact on technology choices, and communicate IT requirements and expectations to impacted business areas. They will work together with IT and business teams to identify and manage compliance requirements to help meet stakeholder expectations.
Day to Day Tasks:
Monitor activities of assigned IT areas to ensure compliance with internal policies and procedures including configuration, account, and activity reviews.
Triage Change Management issues and provide recommendations consistent with maintaining compliance standards and business operations.
Identify creative solutions that minimize both compliance risk and resources required to comply and impact business operations.
Drive proactive corrective action where required.
Coordinate the creation, review and implementation of policies and procedures resulting from audit findings or changes in regulations.
Contribute to and/or prepare materials to ensure successful training, awareness and outreach campaigns are conducted and compliance requirements are met.
Apply and interpret audit and compliance requirements for team members.
Coordinate internal business unit audits and interact with external auditors on matters related to audits of the organization’s internal controls.
Minimum Qualifications, Skills, and Education:
Bachelors degree or close to completion in technology related disciplines
1-3 years of experience in compliance, security.
Advanced Microsoft Suite knowledge
English level B2+ or higher
Preferred Qualifications, Skills, and Education:
Knowledge of policies and procedures related to CMMC, ITAR/CUI regulations, NIST 800-171, GDPR, CCPA, and SOX 404
Previous experience developing and delivering content for IT/Cyber training and awareness.
ISACA certification (CISA, CRISC, or CISM) desirable.
