IT Compliance Analyst

• Support the execution of IT compliance activities as part of the IT GRC team, ensuring alignment with internal policies, standards, regulatory requirements, and control frameworks. 

• Assist with IT control testing, including gathering evidence, reviewing documentation, validating control performance, and documenting results. 

• Support audit readiness activities by preparing evidence, tracking audit requests, coordinating with IT control owners, and helping resolve audit findings. 

• Maintain and organize compliance documentation, including policies, standards, procedures, control evidence, risk records, and audit artifacts. 

• Monitor compliance tasks, deadlines, and deliverables to ensure timely completion of control reviews, assessments, and remediation activities. 

• Work with IT teams to identify control gaps, documentation issues, process weaknesses, and opportunities to improve compliance practices. 

• Support the tracking and reporting of compliance metrics, KPIs, audit status, control issues, and remediation progress. 

• Assist with reviewing IT policies, standards, and procedures to ensure they remain current, accurate, and aligned with governance requirements. 

• Coordinate with internal audit, external auditors, IT teams, and business stakeholders to support assessments, audits, and compliance reviews. 

• Help identify IT compliance training and awareness needs and support the development or delivery of related materials. 

• Promote a culture of compliance, accountability, and continuous improvement across the IT organization. 

• Bachelor’s degree in Information Systems, Cybersecurity, Information Technology, Business, or a related field preferred. 

• Working knowledge of IT governance, risk, and compliance concepts, including how IT controls support regulatory, audit, and business requirements. 

• Familiarity with key frameworks and regulatory requirements such as SOX, NYDFS Cybersecurity Regulation, COBIT, NIST CSF, and related IT control standards. 

• Understanding of IT General Controls, including access management, change management, computer operations, incident management, backup and recovery, and SDLC controls. 

• Ability to support audit and compliance activities, including evidence collection, control testing, issue tracking, remediation monitoring, and audit readiness. 

• Strong analytical, communication, documentation, and problem-solving skills, with the ability to work with IT teams, auditors, and business stakeholders. 

• Self-driven, curious, detail-oriented, and hands-on, with a willingness to learn new processes, systems, frameworks, and compliance requirements. 

• Ability to manage assigned tasks, track deliverables, meet deadlines, and support multiple compliance or audit-related initiatives. 

• Experience with GRC, ticketing, collaboration, or evidence management tools such as Jira, Confluence, SharePoint, Microsoft 365, or similar platforms preferred. 

• Professional certifications such as CISA, CRISC, ISO 27001 Foundation, or ISO 27001 Lead Implementer are a plus. 

Experience:

Applicants must be authorized to work for any employer in the U.S.  We are unable to sponsor or take over work authorization sponsorship now or in the future for this position. 




#LI-Hybrid