IT Compliance Analyst

Owlet Baby Care

6h•Hybrid

About The Position

We are looking for an IT Compliance Analyst to join Owlet's IT team and help execute our IT governance, risk, and compliance program. This is a hands-on role focused on doing the work: running control tests, gathering audit evidence, maintaining compliance documentation, and building the institutional knowledge that keeps Owlet audit-ready year-round. You will work under the direct guidance of the IT Director and alongside Internal Audit, Finance, and Legal as you grow into broader program ownership over time. This is a strong fit for someone early in their GRC career who wants real SOX ITGC experience at a public company, without getting buried in a Big 4 engagement that keeps them three layers from the actual controls. You will see how the program runs from the inside and be given increasing ownership as you develop.

Requirements

2-4 years of experience in IT compliance, IT audit, internal audit, or a GRC-adjacent role.
Foundational understanding of SOX ITGC concepts: access management, change management, computer operations, and logical security.
Experience executing or supporting ITGC control testing and evidence collection.
Strong written communication: you produce clear, well-organized documentation that holds up under audit scrutiny.
Detail-oriented and dependable: you track your own work, meet deadlines, and flag issues before they become problems.

Nice To Haves

Experience in a regulated industry: medical devices, healthcare, financial services, or similar.
Exposure to SOC 1 or SOC 2 engagements (as a participant or evidence coordinator).
Familiarity with ERP environments from a controls perspective (NetSuite experience a plus).
Relevant certifications or coursework: CISA, CRISC, or audit-focused academic background.
Comfort working in a lean team where you build process as much as you follow it.

Responsibilities

Execute and document ITGC control testing across Owlet's key systems and platforms.
Collect, organize, and maintain control evidence in accordance with audit requirements.
Track control deficiencies and remediation items to closure under IT Director oversight.
Support SOX readiness activities and auditor walkthroughs, including preparing materials and responding to auditor requests.
Coordinate evidence collection and auditor access for internal audit, external financial audit, and SOC report engagements.
Maintain the audit evidence repository and ensure documentation is current, organized, and audit-ready throughout the year.
Serve as a reliable point of contact for auditor information requests, escalating to the IT Director as needed.
Maintain Owlet's IT policy library: version control, review tracking, and attestation coordination.
Support annual policy review cycles by flagging outdated content and drafting proposed updates for IT Director review and approval.
Assist with communicating policy updates and awareness initiatives across the organization.
Maintain the IT compliance risk register: keeping entries current, tracking status, and flagging items that need IT Director attention.
Support IT change management processes to preserve audit trail integrity and separation of duties controls.
Assist with the IT component of third-party vendor compliance documentation as directed.