Analyst - Systems & Regulatory Compliance
Discovery Communications
Silver Spring, MD
This was removed by the employer on 11/4/2018 4:31:00 PM PST
Full Time Job
The Role
The Systems & Regulatory Compliance Analyst is responsible for assisting in providing stewardship over the Sarbanes-Oxley Act (SOX) IT compliance program. Primary duties will consist of coordinating with internal and external auditors, leading and supporting the management self-testing process, coordinating the SOX 302 Quarterly Certifications reporting process, and managing the full automation of the control self-testing cycle. A visible part of the position will include internal consulting on IT control issues and assisting in implementing and supporting additional IT Compliance programs such as PCI, GDPR, and Privacy Shield, as well as contributing to risk assessments. In this role, you will work under supervision on complex projects and may assist less experienced peers.
Responsibilities
1. Support SOX ITGC Program sustainability by ensuring IT controls remain effective, documentation is kept current, and evidence is maintained in preparation for self-assessments and external audits
2. In coordination with Internal Audit, review documentation and conduct walkthroughs for proposed processes and controls
3. Work in partnership with IT Management to understand audit findings, develop management action plans, identify solutions, and obtain acceptable responses for SOX and other compliance reviews
4. Ensure documentation reflects current control environment for Key Controls, Non-Key Controls, and Issues (with related Management Action Plans)
5. Manage SOX Documentation in sync with Internal Audit and SOX ITGC repository for ITGC documentation and for SOX 302 Quarterly certifications
6. Conduct meetings with SMEs, Control Testers, Control Owners, and Process Owners for SOX and other Compliance programs
7. Conduct Risk Assessments with IT Management and coordinate IT ELC testing
8. Develop and conduct training for SOX Self-Assessment methodology and for additional compliance programs
9. Coordinate between IT Control Owners and Process Owners for ownership change efforts
10. Support testers and IT Management in the execution of Quarterly Control Self-Testing process
11. Perform quarterly independent review of self-tests
12. Prepare SOX Deficiency Memos with Internal Audit
13. Work closely with Internal Audit during periodic audits and reviews
14. Work closely with internal and external auditors during assessments
15. Perform SOX IT project management duties, defining calendars, sending status emails, reporting to management
16. Develop new compliance review processes, train IT management, conduct reviews, and report on results
17. Serve as a liaison with Internal Audit and external auditors to facilitate the IT audit process
Requirements
* Minimum of 5 years’ experience with standard IT governance, risk, compliance, and project quality management frameworks and standards (COBIT, RiskIT, ValIT, ISO 38000, ITIL, CMMI)
* Minimum of 3 years’ experience with compliance and regulatory requirements such as SOX, EU Data Privacy (GDPR), GLBA, PCI-DSS
* Knowledge of SAP GRC platform
* Minimum of 3 years’ experience with SDLC process frameworks, methodologies, tools, and practices
* BA degree in Computers, Information Technology or related field
* Experience and familiarity with full life cycle information technology solution implementation from conceptualization, requirements, design and specification through development (coding or architecting), integration testing, commissioning, and retirement
* Strong written and verbal communication skills including the ability to interact directly with customers that do not have an audit or compliance background
* Strong technical writing skills
* Ability to provide detailed documentation of actions as they occur
* Ability to work independently as well as in a team environment and adapt to shifting priorities.
* Self-motivation and interpersonal skills, with a strong ability to make sound, independent judgments and collaborate effectively with colleagues while working in a dynamic environment
* One or more of the following certification designations is required: Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information System Control (CRISC)
* Must have the legal right to work in the United States