Sr. Analyst, Technology Compliance
About the role
We are looking for a Senior Technology Compliance Analyst who will play a pivotal role in advancing our Compliance Program. This unique opportunity allows you to serve as a subject matter expert, collaborating with Technology management teams to design, evaluate and test internal controls for efficiency and effectiveness. In this role, you will monitor regulatory and technology changes, coordinate with internal and external auditors, and ensure compliance across the organization.
Responsibilities
- Develop and maintain a comprehensive framework for Technology Compliance, including validation, classification, and control testing across IT domains (e.g., PCI DSS, HIPAA, Data Privacy).
- Execute enterprise compliance governance frameworks, balancing risk appetite with business needs and translating findings into actionable steps.
- Lead compliance assessments and pre-implementation reviews to ensure proper controls are designed, implemented, and documented.
- Design, implement, and maintain enterprise-wide General IT Controls (GITCs) and compliance frameworks aligned with regulatory requirements (PCI DSS, SOX, HIPAA, Data Privacy, etc.).
- Develop and enforce processes and procedures to ensure adherence to company policies, laws, and industry standards (e.g., NIST, ITIL).
- Influence compliance strategy and direction within established standards and guidance.
- Act as a trusted advisor and subject matter expert on technology key controls, partnering to evaluate control effectiveness, identify risks, and support remediation efforts.
- Leverage technical experience to assist management in designing appropriate automation and system configurations to support the enforcement and collection of compliance-related evidence.
- Facilitate internal and external audits, and provide clear, timely communication of findings, recommendations, and remediation plans.
- Maintain awareness of emerging technology trends and evolving external regulations to proactively adapt compliance processes.
- Audit compliance exposure and deficiencies across internal and external systems, recommending effective solutions.
- Lead remediation and design review meetings, build consensus on compliance strategies, and influence direction across teams.
Requirements
- Bachelor's degree (or equivalent experience), with solid IT audit or compliance experience.
- Familiarity with Technology Compliance management industry frameworks and standards: NIST, OWASP, SANS, ISO-27001/2, SANS, and Cobit 5+
- +5 years working experience with enterprise technology compliance management programs, or auditing experience, controls testing, conducting ITGC and PCI assessments.
- Possession of industry certifications required: CISA and/or CISSP.
- Desired: CRISC, CIA, CISM, PCI
- Strong Communication skills with the ability to clearly communicate through tailored messaging, organized presentations, and group facilitation.
- Strong technical skills with the ability to design IT controls and system functions that enforce or collect compliance evidence.
- Demonstrates expertise in mentoring colleagues on compliance principles and leading effective training and awareness programs.
- Demonstrates strong analytical, problem-solving, and organizational skills under pressure, with a commitment to world-class service, flexibility, and continuous improvement.
- Effective organization and time management skills with strong attention to detail.
Qualifications
- Strong communication skills with the ability to clearly communicate through tailored messaging, organized presentations, and group facilitation.
- Strong technical skills with the ability to design IT controls and system functions that enforce or collect compliance evidence.
- Demonstrates expertise in mentoring colleagues on compliance principles and leading effective training and awareness programs.
- Demonstrates strong analytical, problem-solving, and organizational skills under pressure, with a commitment to world-class service, flexibility, and continuous improvement.
- Effective organization and time management skills with strong attention to detail.
Pay
The Annual Salary For This Position Is $99,200.00 - $148,800.00 May be eligible for bonus and equity.
Schedule
This role will be based out of the Richmond, VA Technology Innovation Center. Associates based in Richmond work onsite 5 days per week.
Benefits
Associates are entitled to the following paid sick, vacation, and holiday time. Associates that are considered full-time hourly or commission/incentive eligible to earn up to 48 hours of sick time per year accrued on a per pay period basis and between 80 hours and 200 hours per year of vacation time after a 90 day waiting period depending on years of continuous service with the Company. For 8 hours of pay for each of a total of 6 paid scheduled holidays per year plus 1 floating holiday. If such an Associate does work on a scheduled holiday due to business need, they are eligible for Holiday Premium Pay. Associates considered full-time salaried are entitled to paid time away with no specified limit as needed for sick, vacation, bereavement, jury duty, holidays, floating holiday, etc. subject to manager approval.