IT Compliance Analyst

Work Experiences:

• 2+ year s work experience in IT governance management, IT compliance, or IT audit
• 1-2 years of experience with IT policies, procedures, standards, and guidelines
• Corporate retail IT experience, preferred
• Formal knowledge of IT systems and processes, and systems development life cycle processes and policies
• Strong knowledge of IT industry standards and best practices as they relate to IT governance areas such as COBIT, COSO, PCI-DSS, ITIL, ISO 27001
• 2-3 years of experience working with compliance initiatives related to Sarbanes-Oxley, HIPAA, and PCI-DSS preferred

Skills:

• Ability to define and execute upon governance work programs
• Ability to lead or work on projects of all sizes and complexity
• Ability to facilitate group work sessions and drive team consensus
• Ability to work well under pressure while consistently meeting time sensitive deadlines
• Strong interpersonal, written and verbal communication skills to interface effectively with individuals at various levels
• Ability to work well independently, as well as effectively contribute to a team environment
• Analytical with strong problem-solving abilities and creative resolution skills
• Ability to prioritize workload, meet multiple deadlines simultaneously in a fast paced, frequently changing environment
• Strong Microsoft Office program experience, including Project, Visio, Excel, & Word

Responsibilities:

• Provide PCI DSS, SOX, project and governance expertise and consulting to the IT organization, ensuring compliance with PCI and SOX information technology internal controls
• Utilize data analysis to develop a more proactive and anticipatory approach to IT risk management
• Identify KPI s and metrics, prepare and present reports/dashboards to management
• Ensure controls are accurately documented and maintained and action plans are implemented to address control weaknesses within designated timelines
• Lead and maintain ongoing IT policy exception management process and identify key exception reporting metrics
• Proactively promote the IT risk assessment program to evaluate IT compliance and operational risks ensuring appropriate risk management strategies are defined and implemented
• Communicate IT governance and compliance objectives to ensure an appropriate compliance-aware culture
• Evaluate company requirements and define required policies, along with supporting standards and guidelines
• Initiate and manage the review of IT security controls, including application and infrastructure controls to ensure the company meets its governance and compliance requirements
• Drive efforts with IT teams to ensure appropriate procedures are defined and approved to support IT policies/standards/guidelines
• Coordinate with InfoSec Team and Training & Development Team to develop security awareness materials, working with appropriate teams, to ensure all company associates use strong IT security behavior
• Participate in periodic training and testing to demonstrate knowledge of security concepts
• Manage meetings effectively by setting agendas, maintaining focus and identifying action items
• Ensure that all functions and activities are performed in accordance with accepted IT department standards and procedures
• Manage workload, resolving and escalating issues, as appropriate, and to ensure high quality deliverables
• Develop a thorough understanding of Academy Sports & Outdoors policies, procedures and safety rules
• Duties may change; Team Members may be required to perform other duties as assigned

Physical Requirements & Attendance:

• Acceptable level of hearing and vision to perform job duties
• Adhere to company work hours, policies, procedures and rules governing professional staff behavior

100% on premise, at this time the company does not allow remote working options