Senior IT Controls & Compliance Analyst (Hybrid)

$78,650 - $121,000/Yr

First American Financial - Santa Ana, CA

posted 6 months ago

Full-time - Mid Level
Santa Ana, CA
Insurance Carriers and Related Activities

About the position

As a Senior IT Controls & Compliance Analyst at First American, you will play a crucial role in supporting various audit workstreams for lenders, regulators, and internal and external audits, including SOX and SOC efforts. This position requires a deep understanding of IT general controls and IT audit fundamentals, along with strong project management skills and process analysis capabilities. You will be responsible for analyzing audit control gaps, providing recommendations to remediate findings, and advising management on the design and implementation of control activities that mitigate risks and enhance the control environment. In this hybrid role, you will work two days a week onsite in Santa Ana, CA, collaborating with personnel across all levels of the organization. Your responsibilities will include performing readiness assessments with application teams, developing and maintaining tools and processes to streamline compliance activities, and providing excellent customer service in support of program activities. You will also maintain relationships with control owners and key stakeholders, assist in the maintenance of program documents, and ensure that you stay informed about company and IT objectives and risks. Additionally, you will be expected to provide ongoing education and training in Information Security, maintain data within the system of record, and participate in discussions to evaluate risks and determine appropriate controls. This role requires a proactive approach, as you will need to perform duties outside of normal work hours based on business needs, and tasks will range from simple audit steps to complex risk assessments. Your ability to work independently, demonstrate initiative, and maintain effective relationships with all levels of the organization will be key to your success in this position.

Responsibilities

  • Perform analysis of audit control gaps over processes and tools, analyze evidence, and provide recommendations to remediate findings and improve the control environment
  • Advise management on the design and implementation of control activities that reduce risk, add value, and mature the control environment
  • Assist in the development, maintenance, and implementation of tools and processes to streamline and automate compliance and control activities
  • Perform readiness assessments with application teams to onboard to SOC and SOX program by creating test plans, analyzing evidence to ensure it meets control objectives, identifying gaps, and communicating results to stakeholders
  • Provide excellent customer service in support of program activities
  • Develop and maintain an ongoing relationship with control owners and key stakeholders including Information Security, IT, business lines, Internal Audit, and external third parties
  • Assist with the maintenance and update of program documents
  • Maintain an understanding of Company and IT objectives and risks
  • Perform ongoing education and training in Information Security related areas
  • Provide subject matter expertise related to IT General Controls and Information Security policies and standards
  • Maintain data within the system of record which tracks issues, engagements, and metrics communicated throughout the organization
  • Perform duties outside of normal work hours based on business needs
  • Participate in brainstorming discussions and act in an advisory capacity
  • Evaluate risks and determine appropriate and cost-effective controls to mitigate risk

Requirements

  • Minimum 5 years relevant work experience in Information Security, IT Risk Management, IT Governance or IT Audit
  • Bachelor's Degree or above
  • Effectively communicate IT compliance expectations to all levels of the organization including operational personnel and executive management
  • Gain support and consensus with multiple stakeholders and partners (internal and external)
  • Manage multiple initiatives simultaneously, with strong ability to prioritize
  • Respond appropriately to potential audit findings including vetting and assessment of risk
  • Customer focused in the context of balancing risk reduction with business needs
  • High attention to detail to manage, analyze and finalize artifacts and documents
  • Highly developed oral and written communication skills; strong presentation skills
  • Highly flexible, adapting to changes in priorities and requirements
  • Development and maintenance of program-related documentation (e.g., standard operating procedures)
  • Ability to quickly learn, communicate and apply technical concepts
  • Relevant, industry recognized security certification such as CISSP, CISA, CISM

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • 401k
  • PTO/paid sick leave
  • Employee stock purchase plan

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service