IT Compliance Analyst Lead

About The Position

Requirements

• Strong working knowledge of Sarbanes-Oxley (SOX) and other applicable government regulations
• Strong knowledge of project management methodologies, application development lifecycle, and organizational change management
• Advanced knowledge of information technology systems, infrastructure and operations
• Advanced working knowledge of information systems and operations systems and databases
• Advanced knowledge of business processes for supported business groups
• Advanced knowledge of information technology systems, infrastructure and operations
• Working knowledge of Azure, UNIX, Linux, Oracle, iSeries, Cisco, Windows and general IT best practices
• Working knowledge of security and control management best practices such as COBIT, COSO, ITIL, and ISO
• Strong in the use of Microsoft Office software including strong ability to analyze data using Excel for reporting and data mining purposes
• Ability to meet expected delivery dates and the tasks necessary to achieve objectives
• Ability to interact with staff at all levels
• Excellent writing and speaking skills
• Strong people skills
• Advance experience with data visualization concepts and tools
• Proven ability to deliver mission critical software development projects
• Ability to effectively lead, organize, and supervise as needed
• 7-10 years combined experience in Information Technology, Audit and Compliance disciplines required
• High School Diploma or equivalent required
• Bachelor’s Degree in related field or equivalent experience required

Nice To Haves

• Master’s Degree preferred
• CIA, CISA, CPA, CISSP, or CRISC Upon Hire preferred
• Professional certifications such as ITIL or PMI preferred

Responsibilities

• Develop compliance, control, risk management, and governance frameworks
• Design compliance, testing, continuous monitoring, self-assessment and validation methodologies
• Perform compliance and risk reviews and document results to allow external reliance
• Understand patterns across risks and issues, ensure understanding by technology leaders and recommend systemic paths to resolution
• Develop, enhance and perform reviews to ensure that major technology initiatives have appropriate controls and risk mitigate activities
• Understand and document the domain technology and process landscape to identify risk levels
• Facilitate identification and resolution of policy and standards gaps and advise leadership on roadmaps for achieving compliance
• Influence technology owners to action through expertise, credibility and escalation
• Assess GRC knowledge gaps, create role-based training and facilitate large-scale training events
• Own a GRC practice (e.g. policy, regulatory, issue management, work practices, etc.) on behalf of the team
• Manage multiple initiatives to successful implementation

Benefits

• Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
• Competitive pay and bonus eligibility
• Flexible hybrid work environment, 2-days a week in an office