Springfield Tech Council
Lead IT Compliance Analyst - Forvis Mazars
Requisition Number 2236106
Description & Requirements
The Compliance Analyst Lead serves as a subject matter expert in IT risk management, governance, and compliance, with specialized knowledge in IT general controls, application controls, cybersecurity, cloud security, and emerging technologies such as artificial intelligence. This role focuses on a specific project or technology in the information security, risk, audit and compliance program. The Compliance Analyst Lead will assist with IT Compliance, Risk Management, and Audit projects as assigned. The role identifies risks, recommends enhancements, and contributes to ongoing process and tool enhancements within the compliance program. This role coaches audit & risk staff and fosters a culture of continuous improvement. The Compliance Analyst Lead will possess strong analytical and strategic thinking skills, sound decision-making abilities, and excellent communication capabilities. The ability to work independently and function as a trusted advisor to team members and stakeholders is essential. This role reports to the Senior Compliance Manager.
What You Will Do:
Provide expertise in IT risk management, governance, compliance, IT general controls, application controls, cybersecurity, cloud security, and emerging technologies (AI).
Work on dedicated projects assigned in IT audit and IT risk.
Identify risks, evaluate controls, and recommend improvements.
Work with other IT personnel to ensure compliance with applicable regulatory standards and compliance frameworks including HIPAA/HITECH, PCI, FISMA, GLBA, FDICIA, GDPR, NIST and others as required.
Work in collaboration with IT Leadership, Compliance, Risk, Legal, & Business teams.
Assist with the design and implementation of security awareness materials and information security training.
Maintain current knowledge of applicable federal laws & regulations and state privacy and security laws and accreditation standards, and monitor emerging technologies and trends (e.g. cloud, AI, BYOD) for audit implications to ensure organizational adaptation and compliance.
Attend, present and/or participate in continuing professional education classes and training courses.
Work independently and serve as a trusted advisor to team members and stakeholders.
Report progress to the Senior Compliance Manager and contribute to process and tool improvement within the compliance program.
Use metrics to report on GRC adherence and project progress.
Minimum Qualifications:
High school diploma or equivalent
Subject matter expert with 5+ years of experience in information security audit/compliance.
Expert knowledge of security and risk frameworks, standards, and best practices (e.g., PCI, HIPAA, ISO, NIST, COBIT, ITIL).
Expert knowledge of regulatory requirements (e.g., GLBA, HIPAA, PCI, SOX).
Expert knowledge of third-party and vendor assessments.
Experience in performing multiple projects and collaborating with the workforce.
Preferred Qualifications:
10+ years of relevant experience
Two-year college (associate's degree)
Trade or technical school
Working knowledge of AI; experience with using it for audit work, experience in audit of AI, experience in evaluating the risk of AI.
Advanced knowledge of Security frameworks: ISO 27001, NIST, COBIT.
Advanced data analytics experience.
Apply online
https://jobs.forvismazars.us/jobs/10556/lead-it-compliance-analyst?sid=1501