Jobs · Legal

Remote - Lead Audit/Compliance Analyst

Largeton Group · United States · 2 days ago
RemoteRemoteLegalContract

Key Responsibilities

  • Plan, coordinate, and facilitate RCSA working sessions.
  • Create agendas, discussion materials, action trackers, and follow-up documentation.
  • Capture workshop outcomes, decisions, open items, owners, and target dates.
  • Track action items through resolution and escalate delays or unresolved matters as appropriate.
  • Promote consistency in how risks, controls, gaps, and remediation actions are documented.
  • Review existing RCSA documentation against applicable standards and control documentation requirements.
  • Audit existing control documentation for clarity and appropriateness.
  • Identify missing, outdated, duplicative, unclear, or unsupported control documentation.
  • Work with Technology and First Line of Defense stakeholders to address documentation gaps.
  • Document gap assessment results, proposed remediation actions, and closure status.
  • Review existing control language and propose enhancements to improve precision and auditability.
  • Ensure control statements clearly describe the control activity, owner, frequency, scope, evidence, and expected outcome.
  • Distinguish true control activities from process steps, procedures, standards, or general oversight activities.
  • Vet proposed enhancements with First Line of Defense stakeholders and incorporate feedback.
  • Support finalization of revised control language for review and approval.
  • Review testing scripts against revised or proposed control articulation.
  • Assess whether test steps align to the control objective, frequency, evidence, population, sampling approach, and expected result.
  • Identify testing-script gaps, including unclear procedures, incomplete evidence requirements, weak sampling guidance, or unsupported conclusions.
  • Recommend practical testing-script uplifts.
  • Afford support for Technology control testing where warranted, including evidence review, test execution support, exception documentation, and results validation.
  • Maintain the RCM inventory for assigned Technology processes and control areas.
  • Ensure RCMs reflect current risks, controls, owners, frequencies, evidence requirements, testing expectations, and process linkages.
  • Help update RCMs and process maps to reflect current-state processes, control points, systems, handoffs, and ownership.
  • Maintain traceability between RCSA documentation, RCMs, process maps, testing scripts, issues, and change records.
  • Support change management protocols for updates to control documentation, RCMs, testing scripts, and process maps.
  • Cook up stakeholder review, approvals, version control, change logs, and implementation tracking.

Job Experience

  • Experience facilitating workshops and/or leading walkthroughs with Technology stakeholders, control owners, process owners, risk partners, and First Line of Defense teams.
  • Strong experience reviewing risk and control documentation against standards and identifying gaps.
  • Experience drafting or enhancing control language to improve clarity, completeness, testability, and auditability.
  • Experience reviewing testing scripts and recommending improvements.
  • Familiarity with RCM inventory management, process mapping, control libraries, risk taxonomies, and change management protocols.
  • Experience with Technology control domains such as access management, change management, cybersecurity, infrastructure, applications, data protection, IT operations, or third-party technology risk.

Must-Have Requirements

  • Strong understanding of RCSA methodology, risk and control concepts, control design, testing, issues, and remediation.
  • Experience in technology risk management, IT controls, operational risk, RCSA execution, control testing, internal audit, risk governance, or related disciplines.
  • Ability to facilitate structured workshops and drive open items to resolution.
  • Strong documentation skills and ability to write clear, testable control language.
  • Ability to identify gaps between current-state documentation and standard requirements.
  • Strong analytical skills with attention to detail.
  • Ability to translate technical Technology processes into clear risk and control language.
  • Strong stakeholder management and communication skills.
  • Ability to work effectively with First Line of Defense teams and Technology SMEs.
  • Ability to manage multiple deliverables and produce high-quality work within agreed timelines.

Similar jobs