Senior IT Governance Analyst
AAON, Inc. · Tulsa, OK · 3 wk ago
Information TechnologyFull-time
About the role
The IT Governance Analyst will contribute to the governance, risk management, and compliance functions within the Information Services organization.
Responsibilities
- Develop risk, compliance, and assurance monitoring and measurement strategies
- Oversee and conduct technology program and project audits and communicate status and risk to business stakeholders
- Determine the operational and business risk impacts of cybersecurity lapses
- Determine if procurement activities sufficiently address supply chain risks and recommend improvements to address cybersecurity requirements
- Conduct comprehensive IT audits focused on Sarbanes-Oxley (SOX), IT General Controls (ITGC), and other frameworks
- Develop and implement independent cybersecurity audit processes for application software, networks, and systems
- Cookordination and tracking of remediation of all gaps identified as part of the Due Diligence (DD) process
- Work with internal IT Teams and third-party vendors to track key findings from risk assessments, from discovery to remediation
- Assist in maintaining a secure enterprise environment across the AAON technical landscape; leverage specific or broad in-depth technical skillsets to achieve this outcome
- Communicate clearly, diplomatically and effectively at all levels of the organization and to audiences with varying degrees of process and technical knowledge
- Execute tasks in a high-pressure environment and multi-task
Qualifications
- Preferred but not required qualifications include:
- Bachelor’s degree in Business Administration, Risk Management, Information Security, or a related field
- Minimum of 5 years of experience in business process analysis
- Strong knowledge of regulatory requirements and industry standards (e.g., ISO 27001, GDPR, SOX)
- Excellent analytical, problem-solving, and decision-making skills
- Strong communication and interpersonal skills
- Professional certifications such as CISSP, CISM, CRISC, or similar are preferred
- Demonstrate strong writing skills