Senior IT Compliance Analyst 
Ref No.: 17-00043
Location: Commack, New York
Senior IT Compliance Analyst is needed full time in Commack, LI, NY.


The IT Compliance Analyst, Senior is responsible for conducting IT systems audits of networks, databases, systems, applications and other IT components to ensure compliance with applicable policies, procedures, regulations and laws. This consists of periodic reviews of information security provisioning to ensure all actions are authorized, accurate, documented and in compliance with policies and procedures. Provides recommendations for improving the user security process while ensuring compliance, improving processes and providing for periodic audit reporting.

Responsible for owning the business process of any automated certification tool. Leverages project management skills to define audit testing plans, execute and document internal controls testing, and document testing results and related audit findings. Performs internal IT audits and participates in integrated audits while ensuring compliance with our client's Audit Department methodology and industry professional standards. Evaluates and recommends improvements to business practices, processes and control procedures relative to risk and compliance. Organizes and monitors reporting of compliance with SOX, GLBA, and other laws, regulations, and standards. Reviews compliance-related documentation for SOX and GLBA. Applies knowledge of auditing and internal control concepts to evaluate IT networks, databases, systems, applications and other IT components. Demonstrates knowledge of IT systems design and architecture, process flows, process documentation and internal control identification. Closely aligns with Corporate Internal Audit and Enterprise Risk Management to provide an integrated understanding of how IT risks impact financial and operational processes. Partners with Audit team members in other business areas to ensure the delivery of a seamless program of control and audit risk coverage. Coordinates the integration of internal control practices into IT processes and projects. Contributes to a sustainable IT general control environment through involvement in key IT internal control activities. Coordinates with internal and external audit to facilitate audit requirements. Coordinates and assists with monthly, quarterly and annual review activities. Facilitates the remediation of IT internal control deficiencies. Contributes to the continued development of internal controls awareness within the IT organization. Coordinates the preparation of information for external agencies/auditors/regulators. Responsible for IT control documentation and knowledge repository. Keeps current on latest technologies and best practices relative to their area of responsibility. Recognizes and recommends areas needing improvement. Participates in the development of IT strategies in collaboration with IT peers and the executive team. Ensures compliance with corporate and IT policies and procedures.
Integrates corporate methodologies and standards, as appropriate. May provide guidance/training to more junior staff. Performs special projects, and additional duties and responsibilities as required. Where applicable and when performing the responsibilities of the job, employees are accountable to maintain Sarbanes-Oxley compliance and adhere to internal control policies and procedures.

Bachelor's degree in Computer or Management Information Systems, Computer Engineering, Accounting, Finance, or other related field or three (3) to five (5) years of equivalent relevant work experience. Three (3) to five (5) years of internal controls, audit, information security, or technology process experience. CISA, PMP, CRISC, or CIA certification preferred. Experience with compliance and/or control frameworks preferred. Experience with Sarbanes-Oxley compliance preferred.

Knowledge of COBIT and COSO and Sarbanes-Oxley legislation and impact, and other regulations. Basic understanding of key IT impacting banking regulations and standards such as GLBA and PCI. Solid understanding of industry standard IT general controls. Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information. Demonstrated facilitation and project management skills. Strong verbal and written communication skills. Excellent planning, time management, and follow-through skills. Excellent problem-solving skills. Willingness to learn. Understanding of business process controls preferred. Attention to detail and ability to implement. Computer literate with proficiency in Windows 7, Microsoft Office and Microsoft Project. Independent/self-starter. Ability to influence others preferred. Ability to maintain organizational relationships with both business and IS. Ability to maintain organizational respect and trust. Ability to adapt to changing requirements. Ability to document processes, roles, key decisions, and other work session outputs. Ability to handle multiple tasks concurrently. Ability to rely on experience and judgment to plan and accomplish initiatives. Ability to serve as a resource to others in the resolution of complex problems.