Compliance Analyst III
Corporate Offices - Auburn Hills United States
Alternate Title: SR IT & Compliance Analyst
Responsible for assisting management with coordinating efforts associated with planning, execution, and reporting of General Technology Control assessment over IT systems with operational, financial, compliance, and technology risks.
Responsibilities of Position:
- Lead effort to design, develop, implement and maintain Global IT policies and processes in-line with ITIL and COBIT standards.
- Provide leadership as an individual contributor with review and/or perform end to end compliance activities, including scoping, controls documentation, remediation, and reporting.
- Assist management with design and developing procedural controls and self-testing program to monitor and ensure compliance.
- Independently participate in evaluating, reinforcing, and promoting industry standards, documentation requirements, control design evaluation, and effectiveness testing to protect business critical data.
- Lead documentation update including risk and control matrix, testing procedures, testing templates, etc. based on changes in the business environment.
- Collect and develop metrics and reporting to demonstrate compliance status and engagement.
- Assist IT process owners to develop actionable remediation plans, monitor and report on progress.
- Conduct IT policies, processes, and control implementation training as needed to IT organization.
- Lead user access reviews in conjunction with IT and Business process owners.
- Monitor project activities to ensure requirements and schedules are met; escalate as required.
- Other duties as assigned.
- Able to work in fast paced environment and multitask.
- Strong professional and interpersonal skills, treats people in respectful and professional manner.
- Strong troubleshooting and problem-solving abilities.
- Excellent organizational skills with ability to team with others to develop and implement complex projects.
- Excellent written and verbal communications skills.
- Work and act in a safe manner.
- Flexible work schedule.
- Competent in Microsoft Office products (Outlook, Excel, PowerPoint, etc.).
- Working knowledge and experience with NIST, COBIT, or other standards\frameworks required.
- Experience assessing IT General Controls with respect to ERP Applications, AS/400, SQL database, Active Directory, 365 compliance including application controls required.
- Knowledge of IT Risk Assessment, IT Audit, IT SOX, ITGC’s, Security & Access Controls, IT Operations, IT Change Management, IT Governance, Risk & Controls required.
- Experience with assessing process risks, evaluating business processes including identifying and evaluating the design of controls, executing and documenting control testing required.
- 3-5 years of experience in auditing, compliance and data security in a public accounting firm. Internal IT Audit experience required.
- Understanding of IT hardware, security, networking, development, and database management preferred.
- Knowledge of Cloud security and experience with assessment cloud controls preferred.
- Experience in auditing cloud operating and application environments preferred.
- Automotive or manufacturing industry background preferred.
Licensing or Special Certification Requirements:
- Driver’s License.
- Ability to work at a computer for a long period of time.
- Occasionally lifts and carries up to 25 pounds.
- Some of work time is spent standing, walking, lifting and bending.
- Bachelor’s Degree in Information Technology, Accounting, or Finance required. Advance degree preferred.