Compliance and Risk Analyst

Software Guidance & Assistance, Inc., (SGA), is searching for a Compliance and Risk Analyst for a contract assignment with one of our premier Utility services clients in Tampa, FL.

Responsibilities :

• The firm is seeking a Compliance and Risk analyst local to the Tampa area to join the Risk & Compliance team. They will be responsible for the following:
  • Assurance and Information Management: Ensures that quality methods and procedures are executed by the IT department to stay in compliance with regulatory requirements, Sarbanes-Oxley (SOX), PCI, contractual requirement.
  • Support collection, review and approval of compliance evidence, including accessing network monitoring tools and security tools to gather evidence during assurance activities.
  • Administers the IT Compliance Management Systems and Governance, Risk, and Compliance (GRC) tool(s). Collect and sample evidence to support demonstration of compliance. Escalates out of compliance items to senior management. Participate in the implementation of technology-based tools (e.g. GRC) to support IT risk initiatives. Additionally, analyst adheres to company confidentiality and security requirements.
  • Documents non-compliance issues, provides recommendations and Shepards remediation actions to ensure in their resolution. Performs quality audits across various IT&T functions to ensure quality standards, procedures, and methodologies are being followed. Monitors and reports on exceptions, risks and exposures to IT senior management.
  • Conducting fact-based assessments of new and existing systems and technologies, Assessing the effectiveness of regulatory compliance controls. Providing subject matter expertise to help internal stakeholders manage risk and controls.

Required Skills:

• 3+ years of IT security, IT audit or other controls experience.
• Experience and knowledge with Identifying control gaps, drafting remediation plans, ushering remediation aspects through.
• Assurance experience: audit compliance, risk assessments, vulnerability assessments, and compliance assessments.
• Technical experience with the following: Service Now, vulnerability scanning, firewall and firewall policy testing, SIEM tools, GRC tools, patching tools.

Preferred Skills:

• CISA or CRISC Certifications
• Experience with SOX and PCI controls
• Experience with the following: Splunk, Tenable, CyberArk

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.