Risk And Compliance Analyst

About The Position

Requirements

• 6+ years of experience in technology controls, IT risk, infrastructure governance, automation assurance, or related disciplines
• Direct experience assessing or operating controls in at least two of the following platforms: Terraform (Enterprise and/or Cloud) Ansible (Tower / AWX) Cutover BladeLogic / TrueSight Server Automation (TSSA)
• Strong understanding of: Change management controls in CI/CD or infrastructure automation pipelines Segregation of duties and access control models Logging, monitoring, and activity traceability Backup, recovery, and resiliency concepts Interpreting technical artifacts such as configurations, pipelines, logs, and execution histories
• Experience supporting internal and/or external audits in regulated or large‑scale enterprise environments
• Terraform: workspaces, state management, module versioning, policy enforcement
• Ansible: inventories, credentials, RBAC, job templates, execution logs
• Cutover: runbooks, chained workflows, approvals, execution auditing
• BladeLogic / TSSA: job execution, compliance rules, RBAC, and audit logs
• Working knowledge of industry control and risk frameworks, including: COBIT ITIL NIST ISO 27001
• Exposure to policy‑as‑code concepts and preventative guardrail enforcement (e.g., Sentinel, Open Policy Agent, custom controls)

Responsibilities

• Support the execution and ongoing sustainability of technology control governance across infrastructure automation platforms
• Execute control assessments, walkthroughs, and documentation to evaluate adherence to established control requirements
• Support remediation of identified control gaps by strengthening assessment rigor, evidence quality, and tracking practices
• Coordinate, validate, and maintain audit‑quality control evidence, ensuring completeness, consistency, and traceability over time
• Track control findings, remediation actions, milestones, risks, and dependencies, providing structured follow‑up to ensure timely closure
• Support the development of repeatable and scalable governance routines that reduce reliance on ad hoc or reactive audit preparation
• Partner with engineering, risk, and audit stakeholders to clarify control expectations and support practical remediation approaches
• Contribute to governance metrics, reporting, and status updates used by risk and management stakeholders
• Help reduce operational, compliance, and audit risk while minimizing impact to delivery velocity
• Operate independently with strong accountability for assigned governance outcomes

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)