Audit and Compliance Analyst
3 weeks ago
The Audit & Compliance Analyst is responsible for internal controls as well as the success of the RouteOne Information Compliance, Audit, Risk and Governance Program. This program is designed to protect company information, data and facilities; maintain the security of assets; and ensure the efficacy of and compliance with internal controls. The overall goal is to design, develop, implement, and maintain compliance with a comprehensive information security program that is appropriate to the sensitivity of the information and data and is scoped adequately for the size, complexity, nature, and risk of RouteOne’s business activities. The ideal candidate will have the skill to communicate the details of this program, in writing and speaking, to management, external auditors and customers, regardless of their technical or non-technical backgrounds.
Job Requirements
- Execute and manage internal audits.
- Collect and maintain audit evidence for annual SOC (Service Organization Control) and GLBA audits derived from results of internal audits, including documentation of deviations
- Participate in audits of RouteOne’s vendors and perform subsequent remediation tracking to closure.
- Respond to audits from finance sources and other partners including participating and leading in-person or virtual audit sessions, answering detailed questionnaires, and gathering and providing evidence as well as managing remediation of findings from these audits
- Respond to due diligence requests from finance sources and other partners, providing documentation such as SOC reports, finance reports, and other evidence
- Design new controls and subsequent documentation updates to policies and procedures to close audit findings.
- Review reports generated from various monitoring and scanning tools and escalate to the Security Team appropriately.
- Collect data, produce reports, and analyze metrics from audits conducted to evaluate compliance, and collaborate with internal IT Teams to improve existing cybersecurity measures.
- Contribute to certain functions within the information security framework that ensure confidentiality, integrity, and availability of information assets by protecting against unauthorized use, disclosure, modification, or loss.
- Assist with informing and educating staff about information security, compliance, risks and governance, including assisting in phishing prevention campaigns and monitoring employee training compliance.
- Assist in monitoring, administering and enforcing security policies/procedures.
- Review existing documentation of IT controls, business processes, policies, procedures, and management reports for compliance, effectiveness and sustainability.
- Manage remediation plans/corrective actions for any vulnerabilities or compliance failures reported in audits.
- Perform gap analysis to assess compliance with evolving regulatory requirements and duties such as NIST, PCI-DSS, GLBA, CSA, FCRA, Privacy Laws and other frameworks as needed.
- Maintain safety, security, and privacy standards throughout all areas of responsibility.
- Assist in annual Risk Assessments and Business Impact Analysis reviews with management.
- Assist in annual Business Continuity Exercises and Security Incident Response tabletop exercises.
- Participate in Scope Lock meetings for compliance and risk evaluation for proposed code and feature changes to the application.
- Provide input to other teams for current audit, compliance, governance and risk mitigation requirements of proposed actions and/or purchases.
Knowledge
- Experience reviewing and/or drafting policies and procedures across the enterprise
- Experience in Audit, Compliance, Governance, Risk or equivalent Information Security area with technically complex and diverse audits/projects.
- Demonstrated experience applying knowledge of internal control standards, objectives, and techniques unique to computer processing in a multiple platform environment.
- Solid knowledge of current industry information security, compliance and governance principles, controls and practices.
- Knowledge of various compliance frameworks and industry best practices (e.g., PCI, GDPR, ISO 27001).
- Understanding of security protocols and standards (NIST, SOC, GLBA, OWASP Top 10).
- Knowledge of security intrusion prevention tools used to record, track, and examine intrusions to find ways to prevent future incidents.
- Experience in reporting analysis of potential cybersecurity threats, emerging practices and technologies to both technical and non-technical audiences.
Skills
- Proficient in Microsoft Office products, including, but not limited to, Word, PowerPoint, SharePoint, Excel, Outlook, Teams, and Visio. Experience with Microsoft Defender a plus.
- Experience with Atlassian products such as Confluence and Jira, or ticketing systems such as Salesforce, ServiceNow, or CloudLink.
- Experience working within various compliance programs (e.g., SOC, GLBA and NIST).
- Understanding of finance source and auto dealer industries a plus.
- Knowledge of cloud, SaaS (Software as a Service) and shared security model responsibilities.
- Proven organizational and time management ability.
- Demonstrated experience of successful customer and vendor relationship management, including conflict resolution, preferred.
Abilities
- Ability to work both independently and in a team environment to establish priorities and execute subsequent plans successfully.
- Ability to use relevant information and individual judgment to determine whether events or processes comply with laws, regulations, or standards.
- The ability to communicate information and ideas, both verbally and in writing, so others will understand risks and proposed solutions.
- Ability to thrive in a dynamic, fast-paced software development environment. Knowledge of Agile Development a plus.
- Strong analytical, problem-solving, communication, and technical skills.
- Proactive, detail-oriented professional eager to grow in responsibility.
- Flexibility to adjust to changing priorities and simultaneously work on high visibility projects to assure completion.
- Adaptability to respond to security issues arising from new cybersecurity threats and emerging tools and technologies.
- Ability to take a practical business-focused approach to security, compliance, risk, audit and governance protocols.
- Willingness to be a continual learner in the governance best practices within the cybersecurity landscape.
Other Essential Requirements
- 2+ years of professional experience.
- Bachelor's degree from an accredited university.
- Cybersecurity, compliance, risk, governance and auditing experience.
- Ability to travel up to 25% of the time.
- Certifications through ISACA, CompTIA, SANS, GIAC or other professional certifying bodies a plus.