IT Compliance Analyst Resume Sample
Work Experience
- Define, execute and maintain a framework for IT Compliance management including validation and classification methods
- Plan, design and execute IT compliance testing, controls assessment and documentation across all domains for IT General Controls, (PCI DSS) Payment Card Industry, Data Privacy, HIPAA and other compliance requirements, as appropriate
- Provide direction and guidance in pre-implementation reviews of new systems to ensure proper controls are implemented and executed to meet compliance and leading practice standards
- Lead day-to-day testing and reporting of IT compliance; monitor internal compliance standards against information security policies and processes
- Validate information security key controls to identify control risks, analyze root causes and trends in potential control weaknesses; suggest new controls to meet compliance standards where applicable
- Maintain awareness of external regulations for new or changed requirements within IT and identify industry standards for core IT processes (e.g. NiST, PCI, ITIL, data privacy etc.)
- Partner and facilitate internal and external audits within IT, as well as periodic assessments to address specific risks
- Work with security team, audit, legal and HR management teams as required, including overseeing annual external ITGC Audits
- Meet and track processes to monitor compliance activities and effectiveness of IT controls/compliance evidence to ensure the Company meets regulatory requirements
- Support and facilitate management’s quarterly control self-assessments and access reviews
- Track compliance processes such as remediation plans, audit requests, and recurring audit reviews to ensure timely completion
- Develop and update compliance control and process documentation as required in support of SOC2 initiatives
- Assist in development, enforcement, and maintenance of policies, procedures, measures, and mechanisms to protect the security, confidentiality, integrity and availability of information
- Manage compliance with SOX standards within IT and with PCI standards across all lines of business
- Coordinate with leaders in Information Technology and end-user departments to implement and sustain appropriate technical and procedural controls to support this objective. Remain apprised of pending changes to standards
- Assist with the annual PCI assessment, remediation and compliance certification processes
- As an integral member of the team, exhibiting ownership, follow through, initiative, awareness and effective communication with peers and management and ability to speak to details of compliance initiatives to both the business and technical teams
- Prepare audit summaries and results with senior IT management providing observations, recommendations and conclusions as well as evaluating management remediation action plans and related status reporting
- Provide accurate, timely communications to IT and impacted management to discuss identified deficiencies, leading practices and recommendations for implementation of modifications to improve compliance and mitigate risk
- Develop and deliver information security Compliance related training and awareness programs
- Maintain a strong knowledge base of industry and technology trends as they apply to IT Compliance management
- Responsible for reviewing management’s narratives, application inventory and testing of IT SOX controls for in-scope IT locations globally
- Assist with evaluating open IT deficiencies at year-end with the external audit and the Controller’s team
Education
Professional Skills
- Maintains a set of IT Security and Compliance required tasks and oversight responsibilities (e.g. SOX, NERC CIP) to ensure full compliance with associated processes; ensures responsibility is assigned to each task; and completes/monitors for completion
- Demonstrated interpersonal skills, excellent oral and written communication skills, analytical skills, problem solving and organization skills are essential
- Strong interpersonal communication skills, analytical ability, detail orientation, a quality focus, and problem solving skills
- Excellent organizational and multi-tasking skills, including the ability to reprioritize responsibilities
- Self-motivated with strong leadership, problem solving, and relationship management skills to effectively coordinate the IT control and remediation efforts
- Detail oriented and strong typing and computer skills, including fluency with word processing, spreadsheet, database, Sharepoint and PowerPoint programs
- Demonstrated skills in performing process/control walkthroughs and control testing, and creating procedure narratives and flowcharts
How to write IT Compliance Analyst Resume
IT Compliance Analyst role is responsible for interpersonal, analytical, organization, documentation, analysis, listening, software, security, planning, travel.
To write great resume for it compliance analyst job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For IT Compliance Analyst Resume
The section contact information is important in your it compliance analyst resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your IT Compliance Analyst Resume
The section work experience is an essential part of your it compliance analyst resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous it compliance analyst responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular it compliance analyst position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative IT Compliance Analyst resume experience can include:
- Strong problem solving, critical thinking and logical structuring skills
- Excellent listening and communication skills; able to present complex information in an understandable manner, both verbal and written
- Strong interpersonal skills - including the use of written, electronic, and oral communication
- Demonstrated experience communicating security concepts based on audience experience
- Strong data analysis skills (Excel VLOOKUP, matching)
- Excellent communications (written and oral), customer service and problem-solving skills
Education on an IT Compliance Analyst Resume
Make sure to make education a priority on your it compliance analyst resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your it compliance analyst experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in IT Compliance Analyst Resume
When listing skills on your it compliance analyst resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical it compliance analyst skills:
- Strong analytical, issue identification, prioritization, resolution, and report writing skills and experience
- Good interpersonal communication skills and written communication skills (Hebrew and English)
- Effectively lead from within to effectively develop and enhance control testing program, to include automated continuous testing, reporting, and mitigation
- Designing and leading audits to validate that controls are adequate and functioning effectively
- Demonstrated project management, planning, problem-solving and organizational skills
- Strong writing skills, including the ability to create and maintain technical documentation
List of Typical Experience For an IT Compliance Analyst Resume
Experience For Senior IT Compliance Analyst Resume
- Effectively work with cross-functional teams and resources to address competing priorities
- Possess strong interpersonal skills and the ability to adapt information based on the audience
- Have excellent process and time management skills
- Excellent written and verbal skills – executive presence
- Strong interpersonal skills to work across multiple functions in the organization
- Time management skills and capacity to manage priorities and respect important deadlines
- Advanced analysis and problem solving skills utilizing Excel,
Experience For Junior / Mid IT Compliance Analyst Resume
- Problem-solving skills (analytical and intuitive)
- Two (2) or more years of utility, cyber security, auditing, compliance, regulatory or related experience with NERC Compliance experience
- Experience in a IT Audit or Compliance role or related experience
- Experience with GAMP5 SDLC methodology including system risk classification, gap/risk assessments, validation and testing
- Demonstrates commitment to the development, implementation and effectiveness of Alere Quality Management System per FDA, and other regulatory agencies
- Be able to work effectively with colleagues and management
- Have the ability to listen effectively and communicate with honesty
- Autonomous and organizational skills
Experience For It-it Compliance Analyst Resume
- Understanding and experience with IT Audits and Compliance and Information Security best practice
- Demonstrated success in developing, implementing, and auditing Security & Compliance policies and controls is required
- Experience developing and implementing Governance Risk and Compliance processes and tools
- Experience and understanding of systems security including access controls and data integrity
- Prioritize multiple tasks as well as seamlessly transitioning between them
- Experience working with audit firms
- Experience in performing vulnerability scans and assessments as well as computer forensics
- Experience facilitating SOC2 assessments and other large risk assessment conducted by third party auditors
- Experience performing IT risk assessments
Experience For Lead SOX IT Compliance Analyst Resume
- Assist in the facilitation of the full SOX audit life cycle with external audit groups walkthroughs, evidence gathering, and remediation
- Works on 3rd party assurance programs/certifications and gathers the appropriate evidence to support the controls being tested
- Four (2) or more years of experience working with the NERC CIP standards and requirements
- This experience being in IT Compliance / IT Audit
- Experience supervising the work of small teams (3-5 team members)
- Experience working in a highly technical environment
- Knowledge or experience with COBIT, COSO, or Sarbanes-Oxley requirements with respect to IT systems and processes, business operations, or financial accounting
- Consult with IT peers and leadership to improve control efficiencies and operating effectiveness
- Experience working with compliance frameworks
Experience For Senior IT Compliance Analyst, Security Resume
- Experience working in or with Information Technology
- Experience working in or with IT Security
- Experience creating project and portfolio reports / dashboards
- Certifications in Information Security, including CISA, CISM, CISSP, CRISC strongly desired
- Experience working with compliance initiatives related to Sarbanes-Oxley and PCI-DSS
- Experience and understanding of regulatory compliance, regulatory requirements and standards, and IT controls
- Sarbanes-Oxley / IT audit experience, as well as IT Security compliance standards such as ISO 27001/2 and SOC1 / SOC2
- Strong ability to represent data in graphical form
Experience For Lead IT Compliance Analyst Resume
- IT Audit experience or exposure desired
- Experience and in-depth knowledge of Linux and opensource solutions
- Knowledge of and experience with SDLC methodologies in a cGMP regulated environment
- Experience with enterprise applications such as SAP, Ariba and SFDC
- Establish and operate Governance Risk and Compliance processes and tools
- Monitor design and effectiveness of all IT controls
- Internal controls, audit, information security, or technology process experience
- In-depth knowledge and experience of Sarbanes-Oxley, SOC 1, or SOC 2
- Produce high quality documentation and support guidance with facts and evidence
Experience For Principal IT Compliance Analyst Resume
- Participate in periodic training and testing to demonstrate knowledge of security concepts
- Assist with audit evidence gathering
- Experience with hands-on technology risk, security and/or governance
- Maintain organized documentation and workpapers to sufficiently evidence SOX compliance
- Monitor the effectiveness of IT controls/compliance
- 3 – 5+ years direct work experience in a compliance analyst capacity in Information Technology or Internal Audit
Experience For SOX IT Compliance Analyst Resume
- Develop system remediation documentation (e.g. requirements updates, validation plans, testing, etc.)
- Write reports that summarize the validation results
- Experience with Linux/Unix environments and source code version control systems (GIT, GitHUB, etc)
- Directly related IT experience
- Experience in coordinating IT SOX assessments, change management and audit projects
- Three (3) to five (5) years’ experience in the IT field
- Have at least 5 (five) years of experience in IT
Experience For Associate IT Compliance Analyst Resume
- Experience with the MS office suite – Excel, PowerPoint, Word etc
- Experience with security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc
- IT audit, COBIT, IT Compliance (4-6 years experience)
- SDLC experience (Agile, Waterfall, ITIL)
- Strong background in implementing security and compliance related controls and conducting Security Audits
- Strong understanding of cloud service and deployment models
- Experience with IT Security Frameworks such as ISO 27000, NIST 800 series, CSF or Critical Security Controls
Experience For IT Compliance Analyst x Resume
- Experience with an industry standard GRC tool
- Monitor and report on the timeliness and effectiveness of control execution by IT and the business
- Project management work experience required
- IT Audit, IT Compliance, Information Security, System Administrator, or other relevant IT experience
- Experience of development and maintenance of the various compliance system tools (Infor Approva, ServiceNow and TRACK or similar systems)
- Experience with PCI/PADSS, Data Privacy and related security policies, processes, and regulations an advantage
- Experience with National Grid’s Change Control Procedures, Industrial Defender, Tripwire or other asset management applications are all pluses
- Experience in an IT Audit or Enterprise Risk Management (ERM) role
- Experience with regulatory compliance and information security management frameworks (e.g., NIST CSF, NIST 800-53, HIPAA, COBIT, etc.)
List of Typical Skills For an IT Compliance Analyst Resume
Skills For Senior IT Compliance Analyst Resume
- Strong analytical skills, including problem identification, problem resolution, and information gathering
- Strong follow-through skills with attention to details, monitoring, and updating
- Strong analytic skills and a proactive approach to problem solving and the overall execution of job responsibilities
- Experience interacting effectively with internal and external auditors
- Demonstrates level of knowledge necessary to effectively complete the projects
Skills For Junior / Mid IT Compliance Analyst Resume
- Strong communication, documentation, presentation, and facilitation skills
- Strong project management, analytical, and time management skills with a superb attention to detail
- Strong project management skills, to include organization, planning and execution
- Clear and effective communication skills to senior leadership and business stakeholders (written, oral and listening)
- Excellent oral, written and collaborative communication skills, including executive
- Excellent organization, writing, and presentation skills
- Strong written and verbal/interpersonal communication skills are necessary to negotiate and to present findings in a clear and professional manner
Skills For It-it Compliance Analyst Resume
- Strong organizational skills to maintain and manage multiple projects
- Strong problem-solving, negotiation and decision-making skills
- Excellent English writing skills and ability to create process documentation required
- Strong analytical, diagnostic, critical thinking and project management skills required
- Detail oriented team player with excellent organizational skills
- SSAE16 SOC report experience, including experience performing or reviewing SOC reports
- Proven experience implementing and delivering disciplines in controls in an organised manner
- Applies basic competence and skills in performing control assessments
Skills For Lead SOX IT Compliance Analyst Resume
- Strong Microsoft Office program experience, including Project, Visio, Excel, & Word
- Effectively communicate, present and train both technical and non-technical audiences, regarding IT policies, procedures, and best practices
- Strong experience and understanding of Information Security policies, processes and procedures
- Effectively communicate compliance issues
- Demonstrated experience with regulatory and legal requirements (e.g., PCI, SOX, HIPAA, etc.)
- Expertise skills on configuring and auditing systems, routers, firewalls etc and assess their outcomes
- Managerial skills to drive requirement independently
Skills For Senior IT Compliance Analyst, Security Resume
- Demonstrated experience in project management disciplines and standardized process and procedures
- Previous work experience in evidence collection and evaluation of operational compliance processes
- Business systems analysis and documentation skills
- Ensure established controls are operating effectively to mitigate intended risks
- Collect operational effectiveness evidence on a periodic and ongoing basis
- Support audit processes by providing evidence of control configurations and operational effectiveness to internal and external audit teams
Skills For Lead IT Compliance Analyst Resume
- Strategic and analytical skills Up to 25% travel
- Develop new controls to effectively mitigate newly identified risks
- Develop skills to motivate and inspire teamwork
- Prior experience or exposure to SOX, PCI, HIPAA or other compliance regulations highly desired
- Performing examination of security controls to determine design and operational effectiveness
- Working knowledge of AICPA Trust Service Principles and COBIT 5.0 (or prior versions), particularly with the IT Governance and Risk frameworks
- Participate in incident response, including performing investigative follow-up, documenting corrective action and auditing for effectiveness
- Ideally 2-5 years of IT audit or audit experience in public accounting, including internal and external audit support
- Be flexible in meeting changing priorities
Skills For Principal IT Compliance Analyst Resume
- Strong understanding of current and emerging compliance technologies and services
- Excellent understanding of IT systems - Wintel, Networking, Linux, Mainframe
- 3-5 of these years performing Information Security Auditing, or equivalent combination of education and experience
- Experience with reading and analyzing statutory/regulatory compliance requirements (ideally in data privacy area, such as HIPAA or GLBA)
- 3 – 5 years of IT compliance experience including working directly with internal and external audit teams
- Have 3+years’ experience in working in the Utility (Gas/Electric) domain with in a project setting
- Experience of working within a complex business environment e.g. organisation using SAP
- Support of SOX Audit and PCI by collecting and tracking requested evidence by Moore Colson and EY
Skills For SOX IT Compliance Analyst Resume
- Manage the ServiceNow GRC module which supports control documentation, annual SOX testing, internal audits, remediation tracking, evidence collection and risk
- Review SOX evidence on a regular basis documenting and reporting results
- Ensures that the appropriate teams are conducting CVAs annually and prior to bringing new devices into NERC CIP scope
- Strong interpersonal capabilities (communication and problem solving) with the ability to work as part of a project team
- The responsibility requires very effective communication and decision making with all levels of management as well as other division and corporate departments
- Provide guidance in helping design and implement effective IT risk mitigation activities and IT controls
- Skill in technology security diagnosis and troubleshooting
Skills For Associate IT Compliance Analyst Resume
- Utility, cyber security, auditing, compliance, regulatory or related experience
- Experience working with NERC CIP regulatory requirements
- Three years of experience writing different forms of cause analysis
- Experience with forming compliance activities for SAP, Active Directory and other key systems
- Strong understanding of supplier contracts
- Experience and detailed understanding of technology, regulations, and information security or compliance management best practice, processes or methods
- Hands on working knowledge and experience of SOX ITGC, SSAE 16 (SOC 1), and ISO 27K
- Manage multiple assignments and work priorities simultaneously, utilizing tools such as SharePoint, Excel, and Word
Skills For IT Compliance Analyst x Resume
- Evaluate evidence of compliance and measure it against procedures and regulatory requirements to determine if requirements are being met
- Experience using Microsoft Office tools to include Excel, Microsoft Word, and SharePoint
- Experience in project management, consulting, IT, or audit/compliance
- Possess a positive outlook and demonstrate resilience in difficult and discouraging situations
- One to three years of relevant experience, preferably with a Big Four or a second-tier risk advisory consulting firms
- Experience working with Sarbanes-Oxley (SOX) compliance standards
- Have 1-2 year of previous enterprise level experience preparing for assessments
- Solid understanding of IT governance, information security policies, standards and industry best practices
List of Typical Responsibilities For an IT Compliance Analyst Resume
Responsibilities For Senior IT Compliance Analyst Resume
- Excellent presentation, project management, problem-solving, and conflict resolution skills
- Works closely with QA Validation to ensure IOPS IT systems are validated and maintained in a validated state
- Interpret regulations and laws and communicate effectively to all levels of the organization
- Experience operating global IT governance/compliance programs
- As necessary based on experience and need, coach and provide on-the-job training to other compliance analysts and control owners
- Demonstrated advanced proficiency with MS Excel required
- Experience with American Institute of Certified Public Accountants guidelines
- Compliance experience within a cloud environment
- Knowledge of and experience with Quality Management Systems
Responsibilities For Junior / Mid IT Compliance Analyst Resume
- Highly motivated, driven, proven ability to facilitate the resolution of compliance and security gaps
- IT compliance or audit experience and have a professional certification (CISA)
- Reviewing, revising, and, where appropriate, proposing new IT policies and procedures to ensure compliance with applicable laws and regulations
- Assisting with compliance audit, strategy and planning
- Identifying and tracking assessment/audit performance metrics
Responsibilities For It-it Compliance Analyst Resume
- Supporting the issue tracking and resolution process
- Reviewing third-party attestation and audit reports, and providing feedback to business leaders and risk owners
- Monitoring Information Security assessment best practices in the industry to determine opportunities for improvement, including tools and processes
- Assisting business and support functions in evaluating tools and technology that support the enterprise's risk management approach
- Bring visibility to the compliance standards within the department
- Assisting third-party audits in consultation with IT, IA, business process owners and vendor management
- Collaborating with the QVC internal audit team, their agents, and external auditors
- Providing recommendations to business and IT leaders on practices followed in the industry to mitigate risks
- Understanding of IT Change Management best practices desired
Responsibilities For Lead SOX IT Compliance Analyst Resume
- Creating and filing generator pollution
- Managing feedback and plans from audits for Company’s IT department
- Assisting with the security awareness training program
- Maintaining policies and procedures within the information security team
- Responding to customer questionnaires, requests for information (RFIs), requests for proposal (RFPs), as they relate to the information security program
- Driving remediation efforts and working with stakeholders in the IT service desk
- Programming in any scripting language, such as Power Shell or Visual Basic
- Leading industry certification (CISA, CISSP,CISM, CGEIT, CRISC) or the ability to obtain certification within 3 months
Responsibilities For Senior IT Compliance Analyst, Security Resume
- Understanding of Cyber Security best practices
- Internal Auditing: Participate in audits as assigned. Work with stakeholders on remediation efforts, tracking and reporting its progress
- Assists IOPS IT personnel in writing/responding to deviations/events including detailed event investigation and root cause analysis
- Audit pre-go-live checklist for all SOX system implementations, including additional BU’s to already existing applications
- Facilitate and assist in the coordination of the remediation effort, tracking and reporting its progress
- General knowledge of traditional and SaaS-based ERP systems, databases, operating systems and networking
Responsibilities For Lead IT Compliance Analyst Resume
- Assists IOPS IT personnel in participating in and successfully navigating through the Quality Management Processes
- Assist in responding to inbound RFPs from existing and prospective partners
- Assist in reviewing responses to vendor risk assessments and tracking of identified deficiencies
- Participate in the planning, execution, and reporting of IT Audit and Compliance initiatives
- Provide support and oversight to Company’s various IT audit projects and testing initiatives, including audits of its internal controls
Responsibilities For Principal IT Compliance Analyst Resume
- Knowledge of security services, networking, security policy, and consulting
- Maintain awareness of laws and regulations affecting information technology throughout the industry
- Represents IT or assists IT SME’s during in internal and external audits
- Provides support and contributes to the on-going strategy of the IT Compliance program to meet regulatory and company requirements
- Utilizes technologies to facilitate measures and reporting
- Perform IT Compliance testing and evaluation at all Alliance Data facilities
Responsibilities For SOX IT Compliance Analyst Resume
- Assists in other aspects of completing the IT Compliance test plan
- Develops a clear understanding of Juniper’s internal security posture and responds to customer’s information security questionnaires
- Ensures IOPS IT personnel are operating in compliance with regulations and procedures
- Evaluates, develops and modifies IOPS IT Policies and Standard Operating Procedures to meet regulatory requirements and obligations
- Provides IOPS IT with technical writing assistance
- Represents IOPS IT or assists IOPS IT Subject Matter Experts (SMEs) during internal and external audits
- Participates in regulatory audits, spot-checks, and self-certifications including mock audits
- Provides technical guidance on compliance-related security controls, including vulnerability resolution activities, network segmentation, etc
Responsibilities For Associate IT Compliance Analyst Resume
- Create and continually measure key risk indicators related to ongoing compliance activities and organizational requirements
- Maintain domain expertise through continued research, education and learning on relevant compliance requirements and techniques
- In-depth understanding of SOX, PCI-DSS, SSAE-16 SOC2, HIPAA, HITRUST, ISO 27001/27002 and NIST SP800-53 control frameworks
- Monitor compliance with IT policies, procedures, and operating standard
- Provide IT compliance inputs into IT policies, procedures and operating standards
- Contribute to the ongoing development of internal controls and awareness within the organization
- Lead ongoing development of IT SOX policies, control documentation and knowledge repository
Responsibilities For IT Compliance Analyst x Resume
- Partner with security on risk assessment activities across the organization, including 3rd party risk assessments
- Administer security incident table top testing
- Facilitate cyber security awareness training
- Design, implement, review, and update SOX documentation for IT general computing (ITGC) and automated controls (ITAC)
- Develop and deliver application security training to GEICO?s development teams
- Participate in the change management process ensuring that all releases are compliant with security standards
- Monitor PCI DSS compliance of relevant hosting partners and application vendors