Job Description
As a member of the IT Governance, Risk & Compliance organization, the Senior IT Governance Analyst is responsible for aligning IT processes and actions with the organizations business goals. This includes aligning international strategy with IT processes and enforcing the technical implementation of global privacy law. This role works with departments across the organization to ensure IT governance requirements are properly identified, documented, and enforced.
RESPONSIBILITIES
Monitor information security news for emerging threats, technologies, and regulations that could have an impact on the security of Paycoms processes, systems, and applications.
Collaborate with teams across the enterprise to educate, communicate, identify, document, and remediate IT governance issues.
Directs the development of benchmarks and sets specific goals for the evolution of the security of Paycoms systems, processes, and applications.
Collaborate with and educate employees at all leadership levels on IT GRC requirements.
Champion and manage IT SOX, SOC 1, SOC 2, ISO, PCI-DSS, FFIEC, and GDPR programs, documenting policies and procedures as well as performing audits, risk assessments and management reviews.
Assist with the implementation of new control frameworks and risk mitigation strategies.
Coordinate with legal (enterprise risk and privacy) to understand new legislation and coordinate with the proper IT and development teams to technically enforce.
Assist with IT policy updates and contract reviews to ensure IT governance requirements are documented and enforceable.
Coordinate and execute IT GRC projects, as assigned. Report results to leadership.
Champion IT frameworks, controls, and approved processes across the organization.
Perform audits, risk assessments, and management reviews.
Responsibility for oversight of governance and controls for IT systems and the security measures that govern access to these systems.
Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Protects organization's value by keeping information confidential.
Assist in onboarding new teammates.
Assist in the development of IT GRC benchmarks and set specific goals for the evolution of the security of Paycoms systems, processes, and applications.
Actively seek to expand individual skills through research, training, and collaboration with peers.
Attend meetings and serve on committees, as requested.
Work flexible hours, including weekends and evenings.
Availability to respond to emergency situations.
Perform additional duties and assignments as requested.
Education/Certification:
Bachelors degree
Industry Certification (CISA, CIA, CISSP, ABCP, CBCP, etc.) preferred.
Experience:
8+ years
Advanced degrees may be substituted for experience.
IT risk management, IT audit, or regulatory compliance experience preferred.
Payment services regulations experience preferred.
Skills/Abilities:
Information security standards such as IT SOX, SOC 1, SOC 2, ISO 27001, PCI-DSS, FFIEC, GDPR
Industry-specific information security best practices
Risk identification and analysis techniques
Experience of conducting IT risk assessments of the services to be provided, including risks of fraud and illegal use of sensitive and personal information and the mitigation measures to protect users from the risks identified.
Experience managing IT operational and security risk.
Data confidentiality regulations, strategies, and best practices
Evaluate critical systems, prioritize workflow, and determine solutions.
Perform risk assessments.
Strong analytical and problem-solving skills
Excellent written and verbal communication skills
Interpret and apply laws, regulations and policies.
Work for extended time at keyboard/terminal
Maintain effective working relationships with supervisor and coworkers.
Paycom is an equal opportunity employer and prohibits discrimination and harassment of any kind. Paycom makes employment decisions on the basis of business needs, job requirements, individual qualifications and merit. Paycom wants to have the best available people in every job. Therefore, Paycom does not permit its employees to harass, discriminate or retaliate against other employees or applicants because of race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, military and veteran status, age, physical or mental disability, genetic characteristic, reproductive health decisions, family or parental status or any other consideration made unlawful by applicable laws. Equal employment opportunity will be extended to all persons in all aspects of the employer-employee relationship. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation benefits, and separation of employment. The Human Resources Department has overall responsibility for this policy and maintains reporting and monitoring procedures. Any questions or concerns should be referred to the Human Resources Department. ****To learn more about Paycom's affirmative action policy, equal employment opportunity, or to request an accommodation - Click on the link to find more information: paycom.com/careers/eeoc
Job Tags
Full time, Contract work, Flexible hours, Afternoon shift,