IT Controls and Compliance Analyst
firstPRO is seeking a qualified IT Controls and Compliance Analyst for our client, a large distributor located in New Jersey. They are looking for someone who will play an active role in strengthening the IT Controls environment across the customers and operating companies.
IT Control and Compliance Analyst
- Location: Hammonton, New Jersey
- Compensation: $40 – $45/hour with benefits (Health, Dental, Vision)
- Schedule: Standard Hours, Monday through Friday, 8:30 AM to 5:00 PM
- Oversee the IT SOX Compliance Program. Ensure IT General Controls are efficient and effective.
- Ensure the execution of quarterly ITGC self-assessment process
- Work directly with control & process owners to remediate exceptions in controls and processes in a way that balances our organization’s risks, structure & resourcing
- Assist in the development and rollout of NIST-based cybersecurity controls throughout the organization
- Oversee the IT PCI Compliance Program.
- Proactively monitor for changes to PCI DSS to ensure continued compliance with PCI DSS.
- Assist in the buildout of the IT Privacy initiative by identifying how personal data is used, shared, stored, and deleted within the organization and determine applicability with state and federal requirements
- Provide guidance on process improvements and corrective action plans as necessary
- Identify and validate key controls, working with various teams to address identified deficiencies and help identify compensating controls.
- Partner with Internal Audit to define ongoing control testing processes & procedures.
- Interact with both internal and external auditors as the main point of communication from IT
- Keep abreast of regulatory and IT compliance developments within or outside of the company as well as evolving best practices in compliance control
- Assist in the review of the SaaS applications' SOC 1 reports and follow-up actions on complementary User Entity Controls or other compensating controls
- Review compliance-related procedures, documentation and sign-off on IT Incident and change management processes
- Work closely with internal business partners in the development and implementation of a segregation of duties controls framework
- Bachelor’s Degree in computer science or business administration
- CISA, CISM, CISSP certification preferred or working towards certification
- Good understanding of SOX Compliance requirements and IT General Controls
- Good understanding of PCI DSS controls
- Experience with compliance frameworks such as CIS, NIST, COSO, COBIT, ISO 27001
- Experience coordinating and executing security and compliance audits
- Knowledge of State and Federal legislation and regulatory laws pertaining to information system security and privacy