IT Governance & Compliance Analyst

About The Position

Requirements

• Bachelor’s Degree in Computer Science, Computer Engineering, Management Information Systems, Information Security/Cyber Security, or a related field required.
• Three (3) or more years of experience in IT governance, information security, risk management, compliance, or related areas.
• Familiarity with IT governance frameworks, industry standards, and best practices, including NIST CSF and ISO 27001.
• Knowledge of regulatory and compliance requirements, including HIPAA, HITRUST, ISO 27001, SOX, SOC 2, and related IT control frameworks.
• Experience supporting audits, assessments, compliance reviews, and remediation activities.
• Understanding of IT General Controls (ITGCs), risk management principles, identity and access management, vulnerability management, and third-party risk management concepts.
• Ability to analyze IT systems, processes, and controls to identify risks, gaps, and improvement opportunities.
• Ability to develop and maintain policies, procedures, standards, controls, narratives, and governance documentation.
• Familiarity with scripting, automation platforms, and AI-assisted technologies used to improve governance, compliance, audit, or operational processes.
• Strong analytical, problem-solving, organizational, and documentation skills with attention to detail.
• Effective verbal and written communication skills with the ability to collaborate across technical and non-technical teams.

Nice To Haves

• Experience supporting external audits and compliance assessments, including HITRUST, ISO 27001, and SOC 2 preferred.
• CISSP, ITIL, GIAC, or related certifications preferred.
• Equivalent combinations of education and experience may be considered.

Responsibilities

• Develops, documents, and maintains IT governance processes, policies, and procedures aligned with industry frameworks and standards, including NIST CSF and ISO 27001.
• Partners with IT teams to implement and support security policies, governance controls, and compliance initiatives across the enterprise.
• Facilitates external assessments and audits related to HITRUST, ISO 27001, HIPAA, and SOC 2 compliance, including coordination with third-party assessors, audit evidence collection, remediation tracking, and support of audit activities.
• Supports identity and access governance processes, including documentation, control validation, and user awareness related to assigned responsibilities.
• Assists with cybersecurity incident response preparedness through process documentation, testing, employee training, and response support activities.
• Evaluates and tests the IT control environment to ensure controls are operating effectively and organizational risks are appropriately identified, measured, and reported.
• Develops, monitors, and reports governance metrics, including OKRs, KPIs, remediation activities, vulnerabilities, patch management, and Plans of Action & Milestones (POAMs).
• Supports third-party risk management activities, including vendor security assessments and alignment with organizational security policies and standards.
• Assists in the development, maintenance, and testing of IT General Controls (ITGCs) and compliance processes supporting HIPAA, HITRUST, ISO 27001, SOX, SOC 2, and CCPA requirements.
• Supports internal and external audit activities through evidence collection, control testing, process improvement, and remediation validation.
• Identifies opportunities to improve governance, compliance, and audit activities through process optimization, scripting, automation, and emerging AI-assisted capabilities.
• Ensures customer and regulatory compliance commitments are maintained and completed in a timely manner.
• Participates in additional projects and duties as assigned, including occasional business travel as required.

Benefits

• Medical, Dental, and Vision insurance
• Employer Paid Basic Life Insurance and AD&D
• Voluntary Life Insurance (Employee/Spouse/Child)
• Health Care and Dependent Care Flexible Spending Accounts
• Pre-Tax and Post --Tax Commuter and Parking Benefits
• 401(k) Retirement Savings Plan with Company Match
• Paid Time Off
• Paid Parental Leave
• Short-Term and Long-Term Disability
• Tuition Reimbursement
• Employee Discounts (retail, hotel, food, restaurants, car rental and much more!)