Senior IT Risk & Compliance Analyst
Job Summary
The Senior IT Risk and Compliance Analyst performs IT Third Party Risk Management (TPRM) compliance tasks and interacts with other teams to gather information and track remediation, as required. This person is responsible for conducting IT systems audits of networks, databases, systems, applications, and other IT components to ensure compliance with applicable policies, procedures, regulations, and laws. This consists of periodic reviews of information security provisioning to ensure all actions are authorized, accurate, documented and in compliance with policies and procedures. This person also provides recommendations for improving the user security process while ensuring compliance, improving processes and providing for periodic audit reporting.
Responsibilities
- Conduct IT Third Party Risk Management (TPRM) assessments during the Workiva selection process
- Identify gaps between policy and reality with regard to security controls
- Compile raw data into actionable reports for decision-making purposes
- Develop methodologies to enable continuous monitoring of compliance with security controls
- Search for and provide continuous improvement and developmental suggestions for internal audits
- Assist with the recommendation or implementation of security controls
- Assist in creating and implementing security standards, policy, guidelines and practices
- Participate in and facilitate IT risk assessments of Workiva IT processes, policies, and controls
- Develop and produce various management reports demonstrating IT risk landscape and improvement initiatives
- Help coordinate work towards new compliance objectives
- Serve as a Subject Matter Expert on compliance obligations and maintain policy in accordance with these
- Collect, maintain, retrieve, and prepare evidence for successful external audit compliance including audits for SSAE18 SOC1, SOC2, SOX, ISO, FedRAMP, or customers/prospects
- Collaborate with internal and external parties to determine evidence requests and identify the best method to provide information
- Assist with communication and education campaigns
What You'll Need
Education
- Undergraduate Degree or equivalent combination of education and experience in a related field.
Skills
- Excellent verbal, written, and interpersonal communication skills
- Self-motivated with strong propensity for action, results and continuous improvement
- The ability to work successfully in a high-energy, fast-paced, rapidly changing environment is necessary
- Exceptional organizational skills with the ability to multi-task and manage multiple processes, programs, and procedures simultaneously while working under pressure to meet deadlines
- Initiative to develop efficient and effective methods of automated reporting and other tasks
- Tolerance and self-discipline to maintain a regular schedule of audit tasks
- Strong organizational skills to collect and maintain accurate evidence from audits for future reference
- Collaboration and communication skills to work with many types of internal and external parties to understand compliance requirements and audit requests, and identify the best method to achieve them
Experience
- 5+ years of progressive IT audit, third party risk management, IT internal controls development, controls assurance, and/or IT risk management experience
- Experience in compliance evaluation and remediation with one or more of: SOC, SOX, GDPR, HIPAA, FedRAMP, ISO 27001:2013
- Certified Information Security Auditor (CISA) or Certified Information Systems Security Professional (CISSP) preferred
Travel Requirement
- Less than 5% to meet with employees, vendors, and/or suppliers
Working Conditions & Physical Requirements
- Reliable internet access for any period of time working remotely, not in a Workiva office.
How You'll Be Rewarded
Base Pay Range in Colorado: $109,000 - $139,000
Discretionary bonus typically paid annually
Restricted Stock Units granted at time of hire
The base pay range represents the low and high end of the hiring range for this job. Actual pay will vary and may be above or below the range based on various factors including but not limited to relevant skills, experience, and capabilities.
Where You’ll Work
Our values drive how we work and who we hire. You will see these values ingrained in how we support our customers, work with team members, build our products and in the work environment we’ve created.
Customer Success: Always delight our customers.
Trust: Rely on each other.
Integrity: Do the right thing, every time.
Collaboration: Share resources and work together.
Innovation: Keep creating solutions and finding better ways.
Inclusion: Support a diverse community where we all belong.
Accountability: Be responsible for your success and failure.
We believe our people are our greatest asset, and our unique culture gives employees the opportunity to make an impact every day. We give our employees the freedom and resources they need—backed by our culture of collaboration and diverse thought—to continue innovating and breaking new ground. We hire talented people with a wide range of skills and experiences who are eager to tackle some of today’s most challenging problems.
At Workiva, you’ll enjoy:
Fantastic Benefits: With coverage starting day one, choose from competitive health, dental, and vision plans on the largest physician networks available.
Casual Dress: Workiva has a casual work environment; most people wear jeans to the office.
Involvement: Ability to participate in Employee Resource Groups (Women in Tech, Women in Sales, Ethnic Diversity, Veterans, Rainbow (LGBTQ), Remote Employees, Caregiving), volunteering, company-wide celebrations, and more
Work-life Balance: We have competitive PTO, VTO and Parental Leave. We encourage employees to spend time enjoying life outside of work.
Learn more about life at Workiva: www.linkedin.com/showcase/workiva-life-and-careers/
Learn more about the company: https://www.linkedin.com/company/workiva/
Learn more about benefits: https://www.workiva.com/careers/benefits
Workiva is an Equal Employment Opportunity and Affirmative Action Employer. We believe that great minds think differently. We value diversity of backgrounds, beliefs, and interests, and we recognize diversity as an important source of intellectual thought, varied perspective, and innovation. Employment decisions are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other protected characteristic.
Workiva is committed to working with and providing reasonable accommodations to applicants with disabilities. To request assistance with the application process, please email [email protected].
Workiva supports employees in working where they work best - either from an office or remotely from any location within their country of employment. Effective October 18, 2021, proof of COVID-19 vaccination is required to visit any Workiva office, attend in-person meetings, or travel for business purposes.