Position: IT Compliance Analyst I
Duration: 12 month contract, with potential to hire
Conversion salary: $80-100K
Required:
1) 3-5 years of IT Compliance/Audit Experience - testing/monitoring IT Controls for SOX 404 and SOC2 engagement
2) Bachelor's degree
Nice to Have:
1) Big 4 experience
2) CISA (Certified Information Systems Auditor) cert.
3) Using ServiceNow GRC product, Excel, SharePoint and SailPoint (just navigating for user access)
Job Description
JOB PURPOSE AND SCOPE:
Performs information system audit compliance tasks to ensure new and existing information systems applications have appropriate controls; that processing is efficient and accurate; and that systems and procedures are in compliance with all applicable policies. Contributes to the development and maintenance of compliance controls, policies and procedures. Works with audit staff (internal, external and regulator) to coordinate compliance testing, remediation and monitoring. Initiates problem solving and process improvement where needed.
ESSENTIAL FUNCTIONS:
1. Plan, organize, facilitate and document the IT risk management process, including coordination of periodic risk assessments and risk mitigation activities, to include ITGC and IT Management participation, and monitor and report progress on mitigation activities.
2. Work with IT department teams in the planning and execution of risk assessment and control evaluation for existing and new systems and processes.
3. Partner with IT Security Officer and IT Management to assure Bank and Association information assets are effectively safeguarded.
4. Assist with the development and maintenance of internal IT controls designed to comply with the requirements of sections 302 and 404 of the Sarbanes-Oxley Act (SOX) and Service Organization Controls (SOC2).
5. Create and maintain SOX and SOC2 General Computer Control (GCC) documentation.
6. Identify suitable IT internal controls to ensure compliance with laws, regulations and industry best practices.
7. Assist IT functional teams with the development, documentation, implementation, monitoring and reporting of control processes and process flow charts, documentation and compliance routines.
8. Coordinate remediation requirements for any internal control deficiencies identified either directly as part of the monitoring process or through the formal testing processes.
9. Support IT Management in the development of responses to all internal and external audits and examinations.
10. Establish and maintain productive working relationships with IT team members and with Internal Audit and other Bank and Association customers. Be the face of IT Compliance for all IT Compliance tasks and activities.
SKILL REQUIREMENTS:
Strong knowledge of Information Technology (IT) compliance methodology and Control Objectives for Information and related Technology (COBIT) and other industry recognized standards related to IT controls (e.g., Federal Financial Institutions Examination Council (FFIEC)).
Demonstrated skills in performing process/control walkthroughs and control testing and creating procedure narratives and flowcharts.
Demonstrated interpersonal skills (e.g., self-initiative), excellent oral and written communication skills, analytical skills, problem solving and organization skills are essential.