Sr. Analyst, Technology Compliance

CarMax, Richmond, VA
Posted 1d ago, Onsite

About The Position

We are looking for a Senior Technology Compliance Analyst who will play a pivotal role in advancing our Compliance Program. This unique opportunity allows you to serve as a subject matter expert, collaborating with Technology management teams to design, evaluate and test internal controls for efficiency and effectiveness. In this role, you will monitor regulatory and technology changes, coordinate with internal and external auditors, and ensure compliance across the organization. You will lead control reviews for new business areas, technologies, and evolving processes, identify gaps between policy and practice, and recommend remediation strategies.

As a Senior Technology Compliance Analyst, you will play a pivotal role in strengthening our IT control environment by driving innovation, collaboration, and continuous improvement. You will work closely with product, technology, and compliance teams to design controls, assist with control execution, and perform testing and validation. This role is ideal for someone who thrives in a fast-paced environment, is passionate about technology and compliance, and embraces automation and data-driven insights to modernize practices. Success in this role requires strong communication skills, attention to detail, a proactive mindset, and a commitment to delivering high-impact solutions that enhance operational resilience and ensure regulatory alignment.

Requirements

  • Bachelor's degree (or equivalent experience), with solid IT audit or compliance experience.
  • Familiarity with Technology Compliance management industry frameworks and standards: NIST, OWASP, SANS, ISO-27001/2, and COBIT.
  • 5+ years of working experience with enterprise technology compliance management programs, or auditing experience, controls testing, conducting ITGC and PCI assessments.
  • Possession of industry certifications required: CISA and/or CISSP.
  • Strong communication skills with the ability to clearly communicate through tailored messaging, organized presentations, and group facilitation.
  • Strong technical skills with the ability to design IT controls and system functions that enforce or collect compliance evidence.
  • Demonstrates expertise in mentoring colleagues on compliance principles and leads effective training and awareness programs.
  • Demonstrates strong analytical, problem-solving, and organizational skills under pressure, with a commitment to world-class service, flexibility, and continuous improvement.
  • Effective organization and time management skills with strong attention to detail.
  • Applicants must be currently authorized to work in the United States on a full-time basis.

Nice To Haves

  • Desired CRISC, CIA, CISM, PCI

Responsibilities

  • Develop and maintain a comprehensive framework for Technology Compliance, including validation, classification, and control testing across IT domains (e.g., PCI DSS, HIPAA, Data Privacy).
  • Execute enterprise compliance governance frameworks, balancing risk appetite with business needs and translating findings into actionable steps.
  • Lead compliance assessments and pre-implementation reviews to ensure proper controls are designed, implemented, and documented.
  • Design, implement, and maintain enterprise-wide General IT Controls (GITCs) and compliance frameworks aligned with regulatory requirements (PCI DSS, SOX, HIPAA, Data Privacy, etc.).
  • Develop and enforce processes and procedures to ensure adherence to company policies, laws, and industry standards (e.g., NIST, ITIL).
  • Influence compliance strategy and direction within established standards and guidance.
  • Act as a trusted advisor and subject matter expert on technology key controls, partnering to evaluate control effectiveness, identify risks, and support remediation efforts.
  • Leverage technical experience to assist management in designing appropriate automation and system configurations to support the enforcement and collection of compliance-related evidence.
  • Facilitate internal and external audits, and provide clear, timely communication of findings, recommendations, and remediation plans.
  • Monitor and validate information security controls, analyze trends in control weaknesses, and recommend enhancements to meet evolving compliance standards.
  • Collaborate cross-functionally while demonstrating ownership, initiative, and effective communication on compliance matters.
  • Assess compliance exposure and deficiencies across internal and external systems, recommending effective solutions.
  • Lead remediation and design review meetings, build consensus on compliance strategies, and influence direction across teams.
  • Maintain awareness of emerging technology trends and evolving external regulations to proactively adapt compliance processes.