IT Compliance Analyst Job Description
IT Compliance Analyst Duties & Responsibilities
To write an effective IT compliance analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included IT compliance analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Compliance Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Compliance Analyst
List any licenses or certifications required by the position: CISA, CISSP, CRISC, PCI, CISM, CGEIT, CIA, CPA, SOX, ISO
Education for IT Compliance Analyst
Typically a job would require a certain level of education.
Employers hiring for the IT compliance analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Collage Degree in Computer Science, Business, Information Systems, Accounting, Information Technology, Education, Information Security, Finance, Management Information Systems, Business/Administration
Skills for IT Compliance Analyst
Desired skills for IT compliance analyst include:
Desired experience for IT compliance analyst includes:
IT Compliance Analyst Examples
IT Compliance Analyst Job Description
- Provide daily review of IT SCADA system changes ensure compliance requirements for change management are maintained with appropriate evidence validation
- Support NERC CIP Compliance projects with analysis, design, build and test solutions in accordance NERC standards
- Performs period review of audit logs and monitoring alerts from various systems including Anti-Virus, Identity & Access Management, IDS/IPS, Active Directory, iSeries, Collects and analyzes data and prepares executive summary reports
- Demonstrate leadership by directing the work of 2 to 5 analysts, providing direct support for all active IT Compliance initiatives
- Drive for timely completion of Business Continuity, Disaster Recovery, Vendor Management, Information Security, and SharePoint/EDMS projects to meet business needs
- Ensure all IT Compliance audits, such as GPO and Device Lockdown, Supplier Portfolio Reviews, and Privacy Compliance audits, are properly executed according to each procedure, within the required timeframe, with proper storage and retention of evidence in accordance to the Information Security Policy
- Demonstrate leadership by facilitating weekly Compliance Team meetings and preparing presentation materials for senior management, including monthly Business Process Review (BPR) updates
- Responsible for ensuring the transfer of global business requirements into sound designs and implementations
- Responsible for reviewing and approving all official documentation maintained by the team, including the team’s inventory of all official records, presentation materials, templates, and written communications
- Responsible for weekly status reporting to the team’s Supervisor, escalation of issues, and reviews/updates to written communications and presentation materials for senior management
- Develop key process, system and control documentation
- Facilitate Service Organization Control reporting and analysis
- Teach internal stakeholders “how to fish” while advising on technical compliance issues
- Excellent written and verbal communication skills with the ability to communicate technical compliance issues to any audience
- Experience with evaluations of SOC1 reports
- Experience with Oracle EBS, Oracle BRM and/or Hyperion Financials
IT Compliance Analyst Job Description
- Performs IT control assessments/reviews to determine compliance with policies, standards, regulations, These areas include system development, physical & logical access, data centers, databases, applications, routers, firewalls
- Maintain and improve the IT SOX compliance program
- Security Compliance on security issues within IS Infrastructure
- Compile Stakeholder Alert status from InfoSec, IT Risk Management, Internal Auditing, IT Compliance, and CCM, tracking the remediation status via a monthly stakeholder report
- Partner with IT Compliance to alert or resolve the detected anomalies
- Work with external auditors as required/needed
- Review procedures for compliance with established requirements
- Rout exceptions for approval, file Policy/Firewall exceptions on clients behalf where appropriate
- Perform administrative document management duties for TechLib CM clients
- Provide compliance related requirements for major changes within the IT development community
- MBA or Masters Degree in Information Technology/Computer Science or related field
- Previous experience maintaining a Business Continuity and/or Disaster Recovery Plan
- Intermediate to Advanced MS Excel experience (file merging, pivot tables, formulas, macros)
- Previous experience with SharePoint, EDMS and/or Shared Drives for document management
- Must have fundamental knowledge of basic IT concepts, technologies, practices
- Knowledge of IT Security frameworks including COBIT, NIST, ISO 27000
IT Compliance Analyst Job Description
- Gather, analyze and evaluate risk and risk related data
- Performs research on policies and procedures regulations
- Develops and maintains positive relationships with IT staff and customers
- Assists in documentation of ABC’s IT General Controls
- Document IT controls and control changes in order for ABC to comply with corporate and regulatory requirements
- Understands the IT operating model and is adept at forming a team of SMEs to complete all aspects of the CAPA within the needed timelines
- Responsible for identifying control deficiencies and communicating the deficiency to the Control Owners
- Develop, implement, and maintain IT Compliance controls
- Review, document, evaluate, and test manual and automated computer controls throughout the corporate IT environment
- Interact with external and client auditors as part of required reviews of our IT Compliance Controls
- Knowledge of Amazon AWS system
- Interprets compliance requirements to develop practical and cost-effective standards and training to ensure regulatory compliance
- Ensures compliance/training documentation are reviewed and maintained
- May establish compliance/training tracking systems for programs and serve on compliance/ training committees or forums
- The candidate shall have good knowledge of IT operations
- Experience in process definition and control definitions based on industry best practices
IT Compliance Analyst Job Description
- Assist with audit evidence gathering to support internal and external SOX testing
- Assist with the SOX audit processes, including
- Consults, advises, and participates in the design of various IT processes and controls to support compliance with policies, standard, regulatory requirements
- Develops and delivers various trainings as it relates to compliance, controls, security
- Provide overall support on IT compliance related issues
- Proactively assess processes and IT controls across the enterprise
- Execute Compliance tests of operating effectiveness for IT Systems and internal controls
- Develop and review existing IT compliance controls for regulatory updates and perform required gap analysis
- Expertise with flowcharting software tools
- Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities
- Deadline-driven, detail oriented, focus on efficiencies and process improvement
- Ability to explain technical jargon in simplified terms
- Experience auditing SAP environments preferred
- Customer Focus--Reshaping the customer expectations and the competitive landscape, exploit market/customer trends
- Change and Innovation—Set the change agenda to enable and empower transformation, and push the existing boundaries
- Strategic Thinking—Establish/communicate strategic direction, turn strategy in to drivers
IT Compliance Analyst Job Description
- Carries out assigned tasks in support of Software compliance
- Demonstrates basic knowledge of IT Architecture(s) and use of related technologies to manage compliance
- Displays basic knowledge in the use of discovery tools and procedures
- Ensure vendor/software renewals are current and reflected in contract management tool
- Experience with software licensing and use of a contract management tool highly desired
- Support and/or coordinate the yearly processes such as Asset Identification Review and Approval process
- Support development and tracking of Self Reports and Mitigation Plans, coordinating with Transmission Strategy & Compliance (TS&C), BUCC’s, Standard Owners, Legal, registered entity(ies) and other team members
- Assist with the identification of IT-related NERC CIP initiatives and projects
- Support the Standard Owners to drive the adoption of standardized, automated NERC CIP IT processes and tools across the enterprise
- Support Annual processes including the yearly Asset Identification and Approval process annual document reviews
- Relationship Building/Influence—Foster communication amongst internal/external business leaders, create synergies that eliminate boundaries
- Talent Management—Anticipate organization ability and build bench strength
- Inspirational Leadership—Grow reputation as a leader, motivate and inspire people across the organization
- BS/BA in related field and a minimum of 5 years relevant experience preferred
- Bachelor's degree in computer science, information systems, engineering, business, accounting, finance, or a related field strongly preferred
- Experience in business process analysis, project methodology, or systems development life cycle preferred