Risk & Compliance Analyst Sr IT

at Stericycle, Inc. in DeerfieldBannockburn, Illinois, United States

Job Description

Work Location:  Bannockburn, IL

Position Purpose:

The Risk & Compliance Analyst Sr IT will be responsible for defining and implementing a leading practice IT internal controls within Stericycleâ??s IT environment and driving a control conscious and compliant organization.

Key Job Activities:

â?¢  Support control owners through the full management of IT SOX audit cycle, including assisting control owners through continuous improvement of controls, maintaining the IT SOX control framework, facilitating management prep sessions, and helping to validate that audit evidence is complete and accurate prior to providing to the auditors.
â?¢  Builds and maintains positive working relationships with stakeholders, including application, process, and control owners along with management in support of IT Risk and Compliance processes and practices
â?¢  Gains knowledge and understanding of SAP S/4, SuccessFactors, Salesforce, Descartes, Coupa, Concur and other legacy systems for IT SOX controls.
â?¢  Performs targeted risk assessments and provide recommendations to Control Owners.
â?¢  Participates in scoping activities for IT SOX applications, systems changes and business transformation projects.
â?¢  Contributor to the design and implementation of enhancements for internal controls such as segregation of duties, change management, access management, IT operations, workflow, and application configuration, etc.
â?¢  Assists IT SOX process by validating that audit evidence is complete and accurate prior to providing to the auditors.
â?¢  Identifies, communicates and coordinates efforts to resolve control exceptions.
â?¢  Drive continual improvement of the IT SOX governance program through the development of training, facilitation of SOX auditors and creation of support materials and processes for Control Owners.
â?¢  Reviews deficiencies identified during audit or internal assessments and collaborates with the IT Risk & Compliance team to develop and execute remediation plans
â?¢  Supports IT policy steering committee with senior level management to develop IT policies, provide guidance, ensure consistency, and facilitate roll out and maintenance of corporate IT policies.
â?¢  Supports IT GRC steering committee intend to continuously improve controls with senior level management
â?¢  Supports user entitlement reviews using homegrown tools built on Alteryx and Outsystems.
â?¢  Acts as a liaison to internal/external auditors, fulfilling audit requests and coordinating audit activities with IT stakeholders including the integrated audit and facilitation of SOC-1 reviews of Stericycle.
â?¢  Assist management with remediation plan development, execution and support for control owners
â?¢  Participate in IT SOX walkthroughs, to act as â??knowledge resourceâ? and to gain an understanding of the current processes and controls
â?¢  Maintain status reports and key metrics to support the IT Risk and Compliance function.
â?¢  Perform other duties and responsibilities, as assigned.

Education:

Preferred Education: in Bachelors or Equivalent

Experience (North America & LATAM):

â?¢  Bachelor's degree in Information Systems, Computer Science, Accounting, Business or related technical discipline (or equivalent)
â?¢  5+ years of relevant work experience
â?¢  Familiar with leading practice IT controls frameworks and audit methodologies and IT industry standards (e.g., COSO 2013, COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC, etc.)
â?¢  Strong understanding of regulatory concerns especially IT Sarbanes Oxley (IT SOX)
â?¢  Intermediate knowledge of evaluating internal controls, developing recommendations, designing and implementing solutions
â?¢  Previous internal or external audit experience a plus
â?¢  SAP functional knowledge a plus
â?¢  CISA, CISM, CIA, CPA certifications a plus
â?¢  Intermediate to advanced skills and hands-on experience in building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, Access
â?¢  Basic knowledge of project management principles (planning, organizing, and managing assessment process)
â?¢  Strong interpersonal skills with the ability to work effectively in a matrixed organization
â?¢  Ability to work with teams that are geographically distributed and work across different time zones
â?¢  Able to work in a fast-paced environment, both independently and lead a team
â?¢  Ability to manage and collaborate with onshore and offshore cross-functional teams
â?¢  Strong analytical ability, critical thinking, decision making, judgment and... For full info follow application link.

It is the policy of Stericycle, as an equal opportunity/affirmative action employer, to hire the best qualified people available without regard to race, creed, color, sex, sexual orientation, marital status, age, national origin or ancestry, religion, status with regard to public assistance, order of protection status, disability, or veteran status.