Job Title:IT Risk&Compliance Analyst
Division:2000: Republic Services, Inc.
Location:04218: Phoenix-18500 N Allied Way
The IT Risk and Compliance Analyst collaborates with Internal Audit and IT teams to deliver IT Risk and Compliance services. The Analyst assists with the evaluation and rationalization of IT controls in the context of SOX IT Audit, PCI and Privacy requirements; and performs enterprise cyber and technology risk assessments.
Evaluation of IT controls to reduce the impact of internal and external IT audits
Controls rationalization to simplify the IT control environment
Evaluate/interpret SOX IT Audit, PCI DSS v3.1 and Privacy requirements and provide guidance to process and control owners on the objective / intent of the requirements
Assist project teams to evaluate IT Risk and Compliance considerations for projects
Assist with enterprise cyber and technology risk assessments
Collaborate with business units to deliver enterprise risk assessment results; and identify solutions to minimize risk exposure
Performs other job-related duties as assigned.
The statements used herein are intended to describe the general nature and level of the work being performed by an employee in this position, and are not intended to be construed as an exhaustive list of responsibilities, duties and skills required by an incumbent so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of the Company.
Minimum of 4 years of experience in IT Audit, IT Risk Management or IT Compliance (Required).
Prior exposure to, and experience with, SOX IT Audit, PCI DSS v3.1 and Privacy regulations (Required).
Bachelor s Degree in Information Security, Accounting and Information Systems, IT Risk Management
Big 4 experience in the IT Audit and Advisory domain.
Experience with GRC tools and policy / procedure development.
Certifications: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), GIAC Critical Controls Certification (GCCC), or GIAC Security Essentials (GSEC).
Intermediate to advanced proficiency in the use of Microsoft Office products, including Word, Excel and PowerPoint.
Strong technical, analytical and problem solving skills.
Strong communication skills to effectively interact with internal and external partners on all levels to resolve issues and provide solutions in a timely manner.
Republic Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, protected veteran status, genetic information, or any other characteristic protected by applicable law.
Associated topics: analyst, analyst ii, assessor, control, cyber, defense, gcs, information security, information security specialist, security engineer