Senior IT Business Operations Compliance Analyst

Posted · Add Comment
Published: May 22, 2020
Weldon Spring, MO
Job Type
Based on Experience



  • Build close partnership with Global Security and Privacy Office and stay current with regulations in global markets; anticipate upcoming business and commercial software product needs to comply with regulations/policies.
  • Review and establish appropriate IT and business operations controls to ensure appropriate compliance with relevant regulations and risk management needs.
  • Effectively partner with and direct technical and software product teams to ensure accurate risk assessments and quickly determine appropriate remediations.
  • Process requests and inquiries from external clients and internal teams related to security/privacy assessments and compliance with secure SDLC processes.
  • Lead and/or support audit activities with external clients and oversee necessary remediation plans and delivery.
  • Support success and effectiveness of SOC 2 attestation and underlying controls.
  • Manage compliance with key internal policy partners and critical external vendors.
  • Execute key processes to ensure compliance with various programs (vendor selection/management, control risk reporting, etc).
  • Analyze business and software agreements, take lead on developing client service level agreements with technical teams, and advise senior management on improvements for managing service level agreements.
  • Develop and manage overall Client Compliance Plans to ensure that, across all delivery teams, client contractual commitments are met.
  • Map out current state and future state business/data/system flows as needed and evaluate, recommend, and drive decision making on risk-based approaches avoid client risk.
  • Produce high quality compliance, governance, and business operations reporting including KPIs and other business-critical information for senior leadership and internal stakeholders.
  • Perform key business and financial analysis as needed to support key governance initiatives.
  • Provide risk management reporting to Executive Director and lead initiatives as assigned to respond to specific risks.
  • Facilitate the alignment and transformation of budget/actuals to decision support models and supports all areas of Technologies with the building and tracking of business cases.
  • Ensure end-to-end alignment of resource time tracking that allows Executive Directors and VPs to manage budgets effectively.
  • Maintain regular and predictable attendance.
  • Perform other duties as assigned.
  • Act as liaison between internal management (e.g. IT, Compliance, Risk, Finance), external auditors, and co-sourced auditors.
  • When acting as manager of other auditors, lead by example through active participation and coordinates audit activities including: *Provide expertise to audit staff regarding departmental audit procedures and audit tools; *Direct and motivate audit staff to ensure timely completion of audits; *Evaluate audit procedures, work paper documentation and audit conclusion for completeness; *Recommend changes to audit procedures to enhance efficiency and respond to change.
  • Leverage expertise to identify key IT risks and automation within operational, business, and IT-related processes and activities.
  • Comfortable handling appropriate levels of risk and uncertainty.
  • Revise existing procedures to enhance efficiencies or to capture changes in the risk posture.
  • Partner with Information Security and ensure proper adherence to Incident Response Plan in response to any suspected security incidents.




  • Bachelor’s Degree in Management Information Systems, Accounting, Business or equivalent combination of related work experience and education.
  • Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Public Accountant (CPA), Certified Internal Auditor (CIA), or equivalent certification(s).
  • 10+ years’ experience in software development, product management and services delivery organization.
  • 5+ years’ internal or external audit or equivalent experience.


  • Advanced degree in Management Information Systems, Accounting, Finance or equivalent education.
  • Experience managing SOC 2 audits.
  • Certified Information Privacy Professional (CIPP), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP).
  • Extensive knowledge of global data privacy and cyber security regulations.
  • Prior experience in a public accounting firm.
  • Prior leadership position in reinsurance or insurance audit experience.


Skills and Abilities


  • Advanced knowledge and application of risk-based auditing.
  • Takes accountability for self and team.
  • Self-starter and motivator; consistently takes initiative.
  • Ability to coordinate and perform multiple tasks/projects simultaneously, balancing priorities and deliverables.
  • Competent interpersonal skills, demonstrating the ability to lead projects and mentor others in a constructive and professional fashion.
  • Able to work independently and embrace ambiguity while learning a complex business and IT environment.
  • Ability to evaluate business processes and IT technology, identify risks and controls.
  • Able to work within a dynamic, global team environment and willingly participates in department projects.
  • Routinely displays a positive attitude and is solution-oriented.
  • Advanced oral and written communication skills.
  • Consistent history of producing high-quality deliverables before deadlines.
  • Complex investigative, analytical and problem-solving skills.
  • Ability to translate business needs and problems into viable and accepted solutions.
  • Actively seeks and establishes partnerships with individuals across a wide variety of operational, functional, and technical disciplines; exhibited experience in establishing communication protocols with various managers and leaders in the organization.
  • Proficient using Microsoft Office products (Word, Excel, PowerPoint), ACL, and SQL Query tools (e.g. TOAD).
  • Advanced experience related to IT General Controls, system reports, system interfaces, and end-user computing.
  • Able to travel approximately 0 - 10%.


  • Experience with SQL, Toad, ACL and electronic work paper tools (e.g. Teammate or equivalent).
  • Experience with PeopleSoft, Oracle database, Windows / SQL server.
  • Experience auditing cloud computing environments (e.g. Amazon Web Services (AWS)).



Drop files here browse files ...

Related Jobs

Are you sure you want to delete this file?