IT Compliance Analyst Job Description
IT compliance analyst
provides PCI DSS, SOX, project and governance expertise and consulting to the IT organization, ensuring compliance with PCI and SOX information technology internal controls.
IT Compliance Analyst Duties & Responsibilities
To write an effective IT compliance analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included IT compliance analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Serves as a point of contact for IT-related audits, including external (PCI, SOX) and internal audits
Assist with development and implementation of application security policies, standards, and education efforts
Collaborates with the Corporate Information Security and Compliance teams to review Information Security policies, standards, procedures, and guidelines
Coordinate and facilitate the creation/updates to the SOX control Narratives per client group request
Facilitate the quarterly SOX BPO signoff with the Senior Director and appropriate Manager(s), and IT Compliance
Work with stakeholders and Subject Matter Experts on the maintenance and/or development of documentation (include Standards, Configuration Manuals, Process Manuals, and exception requests) as a result of audit or compliance findings
Collaborate with the Corporate Information Security and Compliance teams to review Information Security policies, standards, procedures, and guidelines
Researching privacy-related topics to enhance departmental privacy effort (Privacy by Design, Privacy Impact Assessment)
Plan and implement security measures to protect computer systems, networks and data
Provide input to the information security awareness, training and education program
IT Compliance Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Compliance Analyst
List any licenses or certifications required by the position: CISA, CISSP, CRISC, PCI, CISM, CGEIT, CIA, CPA, SOX, ISO
Education for IT Compliance Analyst
Typically a job would require a certain level of education.
Employers hiring for the IT compliance analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Collage Degree in Computer Science, Business, Information Systems, Accounting, Information Technology, Education, Information Security, Finance, Management Information Systems, Business/Administration
Skills for IT Compliance Analyst
Desired skills for IT compliance analyst include:
COBIT
PCI
Standards
COSO
Change management
SOX
PCI-DSS
GDPR
ITIL
21CFR Part 11
Desired experience for IT compliance analyst includes:
Pursuing BA or BS Degree in Information Security, Computer Science or related field
Ability to work with a broad spectrum of people with varying levels of technical acumen
Person who has started to engage in obtaining a CISA, CISSP, PMP, CRISC or other relevant designation preferred
Minimum of 3-5 years general accounting background
Experience with GRC & audit tools
Provide guidance on enterprise access entitlement management program and segregation of duty requirements
IT Compliance Analyst Examples
1
IT Compliance Analyst Job Description
Job Description Example
Our company is hiring for an IT compliance analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for IT compliance analyst
- Provide daily review of IT SCADA system changes ensure compliance requirements for change management are maintained with appropriate evidence validation
- Support NERC CIP Compliance projects with analysis, design, build and test solutions in accordance NERC standards
- Performs period review of audit logs and monitoring alerts from various systems including Anti-Virus, Identity & Access Management, IDS/IPS, Active Directory, iSeries, Collects and analyzes data and prepares executive summary reports
- Demonstrate leadership by directing the work of 2 to 5 analysts, providing direct support for all active IT Compliance initiatives
- Drive for timely completion of Business Continuity, Disaster Recovery, Vendor Management, Information Security, and SharePoint/EDMS projects to meet business needs
- Ensure all IT Compliance audits, such as GPO and Device Lockdown, Supplier Portfolio Reviews, and Privacy Compliance audits, are properly executed according to each procedure, within the required timeframe, with proper storage and retention of evidence in accordance to the Information Security Policy
- Demonstrate leadership by facilitating weekly Compliance Team meetings and preparing presentation materials for senior management, including monthly Business Process Review (BPR) updates
- Responsible for ensuring the transfer of global business requirements into sound designs and implementations
- Responsible for reviewing and approving all official documentation maintained by the team, including the team’s inventory of all official records, presentation materials, templates, and written communications
- Responsible for weekly status reporting to the team’s Supervisor, escalation of issues, and reviews/updates to written communications and presentation materials for senior management
Qualifications for IT compliance analyst
- Develop key process, system and control documentation
- Facilitate Service Organization Control reporting and analysis
- Teach internal stakeholders “how to fish” while advising on technical compliance issues
- Excellent written and verbal communication skills with the ability to communicate technical compliance issues to any audience
- Experience with evaluations of SOC1 reports
- Experience with Oracle EBS, Oracle BRM and/or Hyperion Financials
2
IT Compliance Analyst Job Description
Job Description Example
Our growing company is hiring for an IT compliance analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT compliance analyst
- Performs IT control assessments/reviews to determine compliance with policies, standards, regulations, These areas include system development, physical & logical access, data centers, databases, applications, routers, firewalls
- Maintain and improve the IT SOX compliance program
- Security Compliance on security issues within IS Infrastructure
- Compile Stakeholder Alert status from InfoSec, IT Risk Management, Internal Auditing, IT Compliance, and CCM, tracking the remediation status via a monthly stakeholder report
- Partner with IT Compliance to alert or resolve the detected anomalies
- Work with external auditors as required/needed
- Review procedures for compliance with established requirements
- Rout exceptions for approval, file Policy/Firewall exceptions on clients behalf where appropriate
- Perform administrative document management duties for TechLib CM clients
- Provide compliance related requirements for major changes within the IT development community
Qualifications for IT compliance analyst
- MBA or Masters Degree in Information Technology/Computer Science or related field
- Previous experience maintaining a Business Continuity and/or Disaster Recovery Plan
- Intermediate to Advanced MS Excel experience (file merging, pivot tables, formulas, macros)
- Previous experience with SharePoint, EDMS and/or Shared Drives for document management
- Must have fundamental knowledge of basic IT concepts, technologies, practices
- Knowledge of IT Security frameworks including COBIT, NIST, ISO 27000
3
IT Compliance Analyst Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of IT compliance analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT compliance analyst
- Gather, analyze and evaluate risk and risk related data
- Performs research on policies and procedures regulations
- Develops and maintains positive relationships with IT staff and customers
- Assists in documentation of ABC’s IT General Controls
- Document IT controls and control changes in order for ABC to comply with corporate and regulatory requirements
- Understands the IT operating model and is adept at forming a team of SMEs to complete all aspects of the CAPA within the needed timelines
- Responsible for identifying control deficiencies and communicating the deficiency to the Control Owners
- Develop, implement, and maintain IT Compliance controls
- Review, document, evaluate, and test manual and automated computer controls throughout the corporate IT environment
- Interact with external and client auditors as part of required reviews of our IT Compliance Controls
Qualifications for IT compliance analyst
- Knowledge of Amazon AWS system
- Interprets compliance requirements to develop practical and cost-effective standards and training to ensure regulatory compliance
- Ensures compliance/training documentation are reviewed and maintained
- May establish compliance/training tracking systems for programs and serve on compliance/ training committees or forums
- The candidate shall have good knowledge of IT operations
- Experience in process definition and control definitions based on industry best practices
4
IT Compliance Analyst Job Description
Job Description Example
Our innovative and growing company is looking for an IT compliance analyst. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT compliance analyst
- Assist with audit evidence gathering to support internal and external SOX testing
- Assist with the SOX audit processes, including
- Consults, advises, and participates in the design of various IT processes and controls to support compliance with policies, standard, regulatory requirements
- Develops and delivers various trainings as it relates to compliance, controls, security
- Provide overall support on IT compliance related issues
- Proactively assess processes and IT controls across the enterprise
- Execute Compliance tests of operating effectiveness for IT Systems and internal controls
- Develop and review existing IT compliance controls for regulatory updates and perform required gap analysis
- Expertise with flowcharting software tools
- Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities
Qualifications for IT compliance analyst
- Deadline-driven, detail oriented, focus on efficiencies and process improvement
- Ability to explain technical jargon in simplified terms
- Experience auditing SAP environments preferred
- Customer Focus--Reshaping the customer expectations and the competitive landscape, exploit market/customer trends
- Change and Innovation—Set the change agenda to enable and empower transformation, and push the existing boundaries
- Strategic Thinking—Establish/communicate strategic direction, turn strategy in to drivers
5
IT Compliance Analyst Job Description
Job Description Example
Our innovative and growing company is hiring for an IT compliance analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT compliance analyst
- Carries out assigned tasks in support of Software compliance
- Demonstrates basic knowledge of IT Architecture(s) and use of related technologies to manage compliance
- Displays basic knowledge in the use of discovery tools and procedures
- Ensure vendor/software renewals are current and reflected in contract management tool
- Experience with software licensing and use of a contract management tool highly desired
- Support and/or coordinate the yearly processes such as Asset Identification Review and Approval process
- Support development and tracking of Self Reports and Mitigation Plans, coordinating with Transmission Strategy & Compliance (TS&C), BUCC’s, Standard Owners, Legal, registered entity(ies) and other team members
- Assist with the identification of IT-related NERC CIP initiatives and projects
- Support the Standard Owners to drive the adoption of standardized, automated NERC CIP IT processes and tools across the enterprise
- Support Annual processes including the yearly Asset Identification and Approval process annual document reviews
Qualifications for IT compliance analyst
- Relationship Building/Influence—Foster communication amongst internal/external business leaders, create synergies that eliminate boundaries
- Talent Management—Anticipate organization ability and build bench strength
- Inspirational Leadership—Grow reputation as a leader, motivate and inspire people across the organization
- BS/BA in related field and a minimum of 5 years relevant experience preferred
- Bachelor's degree in computer science, information systems, engineering, business, accounting, finance, or a related field strongly preferred
- Experience in business process analysis, project methodology, or systems development life cycle preferred