IT Compliance Analyst II (GRC Analyst)

Position: IT Compliance Analyst II (GRC Analyst)

Location: Duluth, GA

Duration: 6 months Contract

US Citizens and Green Card Holders can apply

Job Description:

The IT Compliance Analyst II (GRC Analyst) will work with compliance leadership to oversee client’s IT Compliance requirements and obligations mandated by standards and regulations such as ISO 27001, NIST SP 800-53, Sarbanes-Oxley Act (SOX 404), Gramm-Leach-Bliley Act (GLBA), and Global Data Privacy Laws, as well as those mandated by client. The GRC analyst consistently assesses and validates the assurance of the compliance program by monitoring progress, identifying non-compliant areas and guiding resolution of outstanding issues that may lead to non-compliance.

Required Knowledge, Skills & Abilities:

• Support the ongoing management and operations of the IT GRC program
• Assist in the design and testing of technology and operational controls
• Assist in the management and classification of the master application inventory
• Assists in training users on Compliance Team managed applications, processes and controls
• Design and manage attestation questionnaires to mature the SOX 404 regulatory control performance
• Collaborate with business and technology leaders to ensure the successful remediation of identified non-compliance
• Contribute to the design and improvement of team processes and procedures
• Perform interviews on internal control compliance and provide feedback on best practice for work instructions and evidentiary requirements
• Production and management of key program metrics
• Liaison with auditors to maintain and implement IT controls for SOX and Data Privacy.
• Perform other duties as assigned
• Qualifications and Education Requirements
• Industry related Associate of Science /Associate of Arts preferred with 2 years of overall information security and/or technology operations experience (or Bachelor of Science / Bachelor of Arts with some industry experience)
• Experience using ServiceNow (Policy and Compliance) and/or OneTrust preferred
• General understanding of security standards and frameworks (i.e., PCI-DSS, ISO 27001, SOC2, etc., NIST CSF, NIST 800-53.)
• General understanding of regulations (i.e., SOX 404, GDPR, LGPD.)
• Information security industry recognized certification(s) preferred – (i.e., CISA, GSEC, CISSP, CRISC)
• Exceptional written and verbal communication skills, and ability to translate technology and operational controls and risks to all levels of the business.
• Ability to manage multiple requests in a result-oriented organization.
• Strong communication, interpersonal skills, and the ability to establish strong working relationships at all levels are also needed.

About the Company:
Feuji

We are a global technology and cloud services company with operations in multiple geographies and specialization across various domains. We believe in delivering solutions that will have a measurable positive impact on our clients’ business and bottom line. Salesforce Consulting, Supply Chain Management, Business Process Services, Managed Services, and Strategic Staffing are our key focus areas.

We are headquartered in Dallas, Texas, with operations in Costa Rica, Bulgaria, Romania and India.

Company Size:
100 to 499 employees

Industry:
Computer/IT Services

Founded:
0

Website:
https://feuji.com/