IT Compliance Analyst
Location: West Pittsburgh, PA
Job Type: Contract to Hire
Work closely with key cross-functional stakeholders across IT, Enterprise Risk Management, Information Security, Internal Audit and relevant business groups to assist with facilitating and supporting ongoing and growing compliance activities and assurance initiatives.
- Meet and track processes to monitor compliance activities and effectiveness of IT controls/compliance evidence to ensure the Company meets regulatory requirements.
- Assist with audit evidence gathering to support External and Internal Audit cycles.
- Support and facilitate management’s quarterly control self-assessments.
- Collaborate with application owners and technology groups to synchronize plans to remediate gaps.
- Track compliance processes such as remediation plans, audit requests, and recurring audit reviews to ensure timely completion.
- Develop and update compliance control and process documentation as required in support of IT control framework initiatives.
- Assist with the development, enforcement, and maintenance of policies, procedures, measures, and mechanisms to protect the security, confidentiality, integrity and availability of information.
Education & Experience:
- 3+ years of IT Audit, IT Compliance, Information Security, or other relevant IT experience.
- Prior financial services experience with exposure to SOX IT General Controls, SOC2, or other compliance regulations.
- Experience in modern cloud development and delivery platforms such as Microsoft Azure is highly desired.
- Bachelor’s degree from an accredited college or university in Information Technology, Information Systems, Accounting and/or Business. (Comparable IT industry experience and certifications will be considered in lieu of a degree.)
- A strong understanding of IT risks, processes, and controls and ability to converse at a technical level.
- Working knowledge of AICPA Trust Service Principles and COBIT 5.0 (or prior versions), particularly with the IT Governance and Risk frameworks.
- Familiar with IT principles/frameworks such as ITIL and ISO Standard 27001/2.
- Strong interpersonal, writing, project planning, and time management skills.