As a Sr. IT Compliance Analyst working in the IT Department, you will be responsible for supporting various compliance initiatives and projects. Emphasis will be on IT controls and risk assessments, pre-audit activities, tracking remediation activities, helping to provide evidence that policies and controls are enforced, and maintaining compliance documentation as needed. You will be interacting with Microvast associates globally in the United States, China, and Germany.
The candidate will also assist Internal Audit with SOX ITGC testing and operational audits from an IT perspective.
Essential Duties and Responsibilities
- Prepares and executes SOX (Sarbanes-Oxley) audit for ITGC (IT General Controls).
- Provides PBC items to Internal Audit and external auditors on SOX ITGC testing.
- Develops internal audit procedures related to IT testing.
- Drafts findings and validates audit findings with process owners.
- Assists the IT SVP in remediating deficiencies and updating the ITGC risk control matrix.
- Maintains legal and regulatory compliance by researching and communicating requirements and obtaining approvals.
- Reviews regulatory bulletins and other sources of information to research and stay up to date on regulations.
- Prepares reports by collecting, analyzing, and summarizing information.
- Maintains quality service by establishing and enforcing organization standards.
- Performs internal reviews to ensure that all policies and procedures are implemented properly.
- Resolves issues and concerns from external and internal clients/auditors.
- Maintains and updates assigned compliance program and risk assessments.
- Assists management with conducting assigned periodic regulatory risk assessments.
- Assists in answering compliance-related client and internal inquiries.
- Recommends process, policy or procedure additions and modifications to the IT Policy knowledge base.
Required Skills and Experience
- Minimum of 3 years of experience in an IT auditing/compliance role.
- Ability to work in a rapidly changing and challenging environment.
- Understanding of compliance frameworks, specifically SOX, SOC-1, SOC-2, NIST-CSF, IATF, and ISO-27001.
- Ability to assess business and information technology processes and implement improvements and controls.
- Understanding of information risks, concepts, principles and industry standards.
- Understanding of basic risk assessment methodologies and technologies.
- Interest in developing, documenting and maintaining security policies, processes and procedures.
- Strong Microsoft Office skills.
- Solid analytical skills and understanding of processes, technology and operational concepts.
- An unquestionable work ethic with the ability to accomplish established goals with minimal supervision.
- Excellent critical thinking skills.
- Strong project management and people management skills.
- A high degree of attention to detail and strong organizational skills.
- Strong written and oral communication skills.
- Strong technical documentation skills.
- Strong teamwork skills.
- Excellent leadership skills.
- Ability and drive to adapt and learn new skills related to IT compliance.
- Ability to multi-task and shift with changing priorities and projects.
- Ability to train others in IT compliance concepts.
- Bachelor’s degree in Information Technology or a related field.
- CISA, CISM certification strongly preferred.
Location: Clarksville, TN.