Security Analyst GRC Compliance Specialist

Overview

On Site
Depends on Experience
Contract - Independent
Contract - W2
Contract - 24 Month(s)
Able to Provide Sponsorship

Skills

Access Control
Amazon Web Services
Auditing
Business Systems
CISA
Certified Public Accountant
Change Management
Cloud Computing
Communication
Dashboard
Documentation
Enterprise Resource Planning
FOCUS
IT Audit
IT Operations
ITGC
Management
Microsoft Azure
Oracle
Oracle Management Server
RMS
Regulatory Compliance
Reporting
Retail
Risk Assessment
SAP GRC
SOX 404
SaaS
Sarbanes-Oxley
Security Controls
ServiceNow
Software Development Methodology
Stakeholder Management
Testing
WMS

Job Details

We are looking for a Security Analyst with strong experience in Governance, Risk, and Compliance (GRC) to join a fast-paced, global retail technology environment. The ideal candidate will have proven expertise with SOX 404, IT General Controls (ITGC), and audit processes related to enterprise cloud platforms and ERP systems.

Responsibilities:

Support delivery and oversight of the IT SOX compliance program

Document control design narratives and perform testing of SOX controls for in-scope systems

Collaborate with cross-functional teams to ensure proper implementation and execution of IT controls

Act as a subject matter expert (SME) for SOX compliance across technology and business units

Communicate regulatory and audit requirement changes and guide control implementations

Work closely with system owners and global technology teams to assess risk impact

Manage walkthroughs, evidence collection, and audit requests

Identify, document, and monitor remediation of control deficiencies

Support quarterly SOX certifications and management attestations

Assist in automation of evidence collection and reporting processes

Create and maintain centralized audit documentation and evidence repositories

Develop and present metrics and dashboards to demonstrate IT SOX program effectiveness

Required Qualifications:

5+ years of experience in Security GRC, IT Audit, or similar, with a focus on SOX compliance

Strong understanding of SOX 404, risk assessment, and IT General Controls

Experience working in large enterprise or retail environments

Familiarity with access control, change management, IT operations, and SDLC processes

Experience with cloud platforms (Azure, AWS), SaaS applications, and Oracle-based systems

Proficiency with GRC tools like ServiceNow or similar platforms

Strong documentation and stakeholder management skills

Ability to lead and influence cross-functional teams in audit and remediation efforts

Excellent communication skills, both verbal and written

Must hold at least one of the following certifications: CISA, CPA, or CIA

Preferred Qualifications:

Previous experience in Big 4 IT Audit or equivalent

Knowledge of retail business systems (ERP, RMS, OMS, WMS)

Experience coordinating internal and external IT audits

Familiarity with Azure security controls in a compliance-driven environment
