SENIOR TECHNOLOGY CONTROLS AND COMPLIANCE ANALYST- REMOTE

Job Summary

Compass Group North America has an exciting opportunity in the Technology Risk & Governance team as a Controls & Compliance Sr Analyst, whose role will assist in the support of a strong regulatory compliance program and improve the framework for ensuring compliance with applicable regulatory and industry standards. 

Combining regulatory acumen with technical knowledge, this Controls & Compliance Sr Analyst role will assist in improving regulatory compliance by partnering with It and business teams. The Controls & Compliance Sr Analyst will help drive strategic initiatives to maintain compliance and create sustainable control operational processes. This role will help Compass achieve regulatory compliance objectives while limiting impact on operations. 

Essential Duties and Responsibilities

• Engage and build relationships with the application teams to understand current processes and procedures that will drive control design. 
• Drive collaboration with compliance control owners to design IT General Controls (ITGCs) to meet regulatory requirements. 
• Perform actions to verify and validate IT General Controls (ITGCs) operations for design effectiveness and operational sustainability. 
• Maintain controls documentation and create new documentation as needed.   
• Assist in identifying and implementing automation opportunities to proactively validate compliance.  
• Support periodic reviews and updates to information security policies, coordinating with IT, Legal, Auditing and other business teams to collect content.
• Provide input into risk mitigation strategies and programs.     
• Support IT risk, audit, and compliance reporting via consolidated dashboards to aid in executive management decision making process. 
• Provide knowledge sharing with control owners to broaden their understanding of controls and drive effective design.

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The requirements listed below are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Experience managing control design efforts across various applications and tool sets.
• Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills 
• Precision in designing controls, control documentation, and audit evidence to ensure it meets completeness and accuracy requirements. 
• Strong leadership, project, and team-building skills, including the ability to lead teams and drive initiatives in multiple areas. 
• Demonstrated ability to identify risks associated with business processes, operations, information security programs, and technology projects. 
• Ability to work in a fast-paced environment and juggle multiple priorities and work with various stakeholders.
• Ability to partner with team members to achieve results that make business sense, including identifying opportunities for effective improvements.
• Ability to work independently while being able to contribute successfully to cross-functional teams.

Education and Experience:  

• 7+ years of experience in a combination of information security and audit. 
• In depth working knowledge in data analytics and programming (Python scripts, etc.) 
• Exposure to compliance regulations such as UK CR, SOX, PCI-DSS, and GDPR are highly desired. 
• Security certifications including CISA, CISM, CISSP, and GIAC is highly desired.  
• Exceptional interpersonal skills, including teamwork and facilitation. 
• Excellent written, verbal, communication, and presentation skills.  
• Experience in a global retail/hospitality environment is preferred. 
• Knowledge and experience of Information Security Risk and Compliance governance. 
• Bachelor’s degree in a related field of study, or equivalent experience.