Compliance Analysis

Job Alert: Risk and Compliance Analyst

August 26, 2016

Risk and Compliance Analyst

StoneArch Services has a client in need of a full-time Risk and Compliance Analyst. In this position, the Analyst would be responsible for planning, performing, monitoring and reporting on components of varying complexity with regard to IT compliance, as well as other assigned projects within information system areas of the Company. Performs assigned portions of IT compliance programs, determining compliance with policies and procedures, monitoring, recommending corrective action, preparing findings and assisting with remediation plans. Reviews and services should be performed in accordance with professional and department standards.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  • Performs assigned components of moderately complex compliance tasks with moderate supervision, which may include planning, risk analysis, customer interaction, testing, and reporting procedures in accordance with appropriate professional and department standards.
  • Develops work programs.
  • Holds discussions with management regarding processes and noted control weaknesses.  Prepares draft reports to management to communicate final results including recommendations for improving information system practices and controls.
  • Understands and prioritizes work according to time and resource constraints.
  • Obtains buy-in and ownership from management for observations and remediation plans.
  • Works with Internal Audit, external auditors, management and staff to identify feasible resolutions to control weaknesses and opportunities for improvement.
  • Plans and executes compliance reviews.
  • Provides on the job and other training to less experienced compliance staff, in a team environment, as assigned by the in-charge.
  • All work performed is moderately supervised; generally provides guidance to staff on assignments of low to medium complexity as assigned.
  • Works independently.
  • Complies with all Company Group Policies
  • Performs other duties as assigned

Qualifications

EDUCATION and EXPERIENCE:  

Preferred Education:

Bachelor’s Degree in Computer Information Systems, Information Technology, or related field

Required Experience:

Three to five years’ experience in IT risk and compliance, IT governance, IT auditing or an IT related field preferred.

Preferred Experience:

Big 4 accounting firm experience a plus

Preferred Certification(s):

Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA)

KNOWLEDGE, SKILLS and ABILITIES

  • Must have good written and verbal communication skills, a high degree of personal integrity, attention to detail and strong investigative skills.
  • Requires analytical and communications skills to understand customer objectives, evaluate risks and controls and accurately document and support work performed and conclusions reached.
  • Must possess a competent working knowledge of operating systems, application development, change management, operations, networking and telecommunications, databases, business continuity, disaster recovery and physical and logical security.
  • Must be capable of working under minimum supervision, planning and conducting IT compliance reviews.
  • Strong knowledge of compliance practices, IT audit and Company operations is preferred.
  • General knowledge of internal control concepts, principles, risk analysis, FISMA, PCI Compliance, HIPAA, Privacy, process improvement and techniques, including frameworks such as NIST, ISO2700, COSO and COBIT.
  • Must be able to interact well with customers and be able to provide guidance and counseling to assigned department staff as well as react to department management needs.
  • Must be able to work in a fast-paced environment and manage multiple projects concurrently.
  • Ability to manage conflicting priorities and handle multiple tasks/projects concurrently.
  • Ability to effectively organize, plan, control and prioritize work/projects. Ability to regularly communicate progress to appropriate stakeholders.  Efficiently manages resources and understands work/project scope, key players, urgency, inherent risks and business benefits.
  • Displays and promotes high standards of ethical conduct and behaviors consistent with organizational and government standards
  • Ability to consistently carry out job responsibilities to meet deadlines.  Ability to deliver on commitments as promised, to acknowledge when commitments are not met, and to take appropriate steps to fulfill what has been promised
  • Ability to clearly and effectively convey information to individuals or groups.  This includes the ability to choose the appropriate method or methods of communication
  • Demonstrates the ability to analyze, identify and solve problems while using sound judgment.  Able to implement solutions to address business issues.  Knows who to involve and takes appropriate action
  • Ability to anticipate, understand and manage customer expectations and consistent delivery of services.  Clearly and effectively conveys information.