IT Compliance Analyst

Location: West Pittsburgh, PA

Job Type: Contract to Hire

Work closely with key cross-functional stakeholders across IT, Enterprise Risk Management, Information Security, Internal Audit and relevant business groups to assist with facilitating and supporting ongoing and growing compliance activities and assurance initiatives.


  • Meet and track processes to monitor compliance activities and effectiveness of IT controls/compliance evidence to ensure the Company meets regulatory requirements.
  • Assist with audit evidence gathering to support External and Internal Audit cycles.
  • Support and facilitate management’s quarterly control self-assessments.
  • Collaborate with application owners and technology groups to synchronize plans to remediate gaps.
  • Track compliance processes such as remediation plans, audit requests, and recurring audit reviews to ensure timely completion.
  • Develop and update compliance control and process documentation as required in support of IT control framework initiatives.
  • Assist with the development, enforcement, and maintenance of policies, procedures, measures, and mechanisms to protect the security, confidentiality, integrity and availability of information.

Education & Experience:

  • 3+ years of IT Audit, IT Compliance, Information Security, or other relevant IT experience.
  • Prior financial services experience with exposure to SOX IT General Controls, SOC2, or other compliance regulations.
  • Experience in modern cloud development and delivery platforms such as Microsoft Azure is highly desired.
  • Bachelor’s degree from an accredited college or university in Information Technology, Information Systems, Accounting and/or Business. (Comparable IT industry experience and certifications will be considered in lieu of a degree.)
  • A strong understanding of IT risks, processes, and controls, and the ability to converse at a technical level.
  • Working knowledge of AICPA Trust Service Principles and COBIT 5.0 (or prior versions), particularly with the IT Governance and Risk frameworks.
  • Familiarity with IT principles/frameworks such as ITIL and ISO Standard 27001/2.
  • Strong interpersonal, writing, project planning, and time management skills.