Job Description
IT Risk & Compliance Analyst
Location: Tampa, FL 33605
Setting: In office while training, then hybrid schedule
Contract to Hire: 6 Months+
Pay rate: $60-$65/hr
***Information Technology Infrastructure Library (ITIL) Certification within 6 months of employment in this position.***
Seeking a Compliance and Risk Analyst local to the Tampa area to join the Risk & Compliance team. They will be responsible for the following:
- Assurance and Information Management: Ensures that quality methods and procedures are
executed by the IT department to stay in compliance with regulatory
requirements, Sarbanes-Oxley (SOX), PCI, and contractual requirements.
- Supports collection, review and approval of compliance evidence, including accessing network
monitoring tools and security tools to gather evidence during assurance
activities.
- Administers the IT Compliance Management Systems and Governance, Risk, and Compliance (GRC)
tool(s). Collects and samples evidence to support demonstration of
compliance. Escalates out-of-compliance items to senior management.
Participates in the implementation of technology-based tools (e.g.
GRC) to support IT risk initiatives. Additionally, the analyst adheres to
company confidentiality and security requirements.
- Documents non-compliance issues, provides recommendations and shepherds remediation actions to
ensure their resolution. Performs quality audits across various
IT&T functions to ensure quality standards, procedures, and
methodologies are being followed. Monitors and reports on exceptions,
risks and exposures to IT senior management.
- Conducting fact-based assessments of new and existing systems and technologies, assessing the
effectiveness of regulatory compliance controls. Providing subject matter
expertise to help internal stakeholders manage risk and controls.
Must Haves:
- 3+ years of IT security, IT audit or other controls experience
- Experience and knowledge with identifying control gaps, drafting remediation plans, ushering remediation aspects through
- Assurance experience: audit compliance, risk assessments, vulnerability assessments, and compliance assessments
- Technical experience with the following: ServiceNow, vulnerability scanning, firewall and firewall policy testing, SIEM tools, GRC tools, patching tools
Plusses:
- CISA or CRISC Certifications
- Experience with SOX and PCI controls
- Experience with the following: Splunk, Tenable, CyberArk