Primary Role: The Senior Information Technology Controls Analyst works with teams across the company to identify and make recommendations on information risk and control optimization. The ideal candidate has prior IT auditing experience and is familiar with SaaS (Software-as-a-Service) Architecture, Security, Support and Operations. The IT Controls Analyst, Senior position involves defining and conducting IT risk assessments and providing services to business and users on information and systems risk/compliance. We are looking for folks who pay attention to detail and love finding creative and thoughtful solutions to a variety of compliance challenges.

Primary Duties and Responsibilities:

• Conduct compliance IT assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
• Document systems, processes and controls using narratives, flow charts, data flow diagrams, etc.
• Complete audit work papers by documenting audit tests and findings
• Perform risk assessment using various industry standard frameworks
• Assess the effectiveness of internal controls over key IT risk
• Identify and recommend business process changes resulting in strengthened internal controls
• Collaborate with control owners to implement process changes and track to completion
• Advise and collaborate on projects by providing IT controls expertise and considerations
• Understand and communicate the downstream impact on the business of control deficiencies
• Perform other duties as assigned.

Qualifications:

• Bachelors in Computer Science, Management Information Systems, Information Technology or related areas
• Masters in Computer Science, Management Information Systems, Information Technology or related areas preferred
• CISA, CISM, CISSP, CIA or CRISC preferred
• 3 years minimum general IT controls and automated application controls experience
• Big 4 IT auditing experience preferred

Preferred Qualifications:

• Knowledge of Sarbanes-Oxley general IT control areas
• Knowledge of HIPAA
• Knowledge of and experience in utilizing various methodologies and frameworks, including, COBIT, COSO, ITIL,
• 27001/27002 and 27018, SOC 1 and SOC 2 Type 2
• Understanding of general data privacy concepts and practices

Interpersonal Skills:

• Highly motivated and team oriented
• Excellent customer service skills
• Extremely detail-oriented with strong organizational and follow-up skills, as well as experienced in handling multiple projects simultaneously
• Excels in a fast paced and evolving environment
• Looks for new and creative ways to solve problems or improve processes
• Issue resolution skills
• Strong analysis skills with the ability to handle confidential information
• Ability to work independently under general supervision with considerable latitude for initiative and independent judgment
• Effective verbal and written communications, including active listening skills and skill in presenting findings and recommendations
• Ability to establish and maintain harmonious working relationships with co-workers, staff and external auditors, and to work effectively in a professional team environment

Travel Requirement:

• Occasional travel may be expected

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

PI143550441