• Support the execution of IT compliance activities as part of the IT GRC team, ensuring alignment with internal policies, standards, regulatory requirements, and control frameworks.

• Assist with IT control testing, including gathering evidence, reviewing documentation,validatingcontrol performance, and documenting results.

• Support audit readiness activities by preparing evidence, tracking audit requests, coordinating with IT control owners, and helping resolve audit findings.

• Maintain and organize compliance documentation, including policies, standards, procedures, control evidence, risk records, and audit artifacts.

• Monitor compliance tasks, deadlines, and deliverables to ensuretimelycompletion of control reviews, assessments, and remediation activities.

• Work with IT teams toidentifycontrol gaps, documentation issues, process weaknesses, and opportunities to improve compliance practices.

• Support the tracking and reporting of compliance metrics, KPIs, audit status, control issues, and remediation progress.

• Assistwith reviewing IT policies, standards, and procedures to ensure theyremaincurrent,accurate, and aligned with governance requirements.

• Coordinate with internalaudit, external auditors, IT teams, and business stakeholders to support assessments, audits, and compliance reviews.

• HelpidentifyIT compliance training and awareness needs and support the development or delivery of related materials.

• Promote a culture of compliance, accountability, and continuous improvement across the IT organization.

• Bachelor’s degree in Information Systems, Cybersecurity, Information Technology, Business, ora relatedfield preferred.

• Working knowledge of IT governance, risk, and compliance concepts, including how IT controls support regulatory, audit, and business requirements.

• Familiarity with key frameworks and regulatory requirements such as SOX, NYDFS Cybersecurity Regulation, COBIT, NIST CSF, and related IT control standards.

• Understanding of IT General Controls, including access management, change management, computer operations, incident management,backupand recovery, and SDLC controls.

• Ability to support audit and compliance activities, including evidence collection, control testing, issue tracking, remediation monitoring, and audit readiness.

• Strong analytical, communication, documentation, and problem-solving skills, with the ability to work with IT teams, auditors, and business stakeholders.

• Self-driven, curious, detail-oriented, and hands-on, with a willingness to learn new processes, systems, frameworks, and compliance requirements.

• Ability to manage assigned tasks, track deliverables, meet deadlines, and support multiple compliance or audit-related initiatives.

• Experience with GRC, ticketing, collaboration, or evidence management tools such as Jira, Confluence, SharePoint, Microsoft 365, or similar platforms preferred.

• Professional certifications such as CISA, CRISC, ISO 27001 Foundation, or ISO 27001 Lead Implementer are a plus.

Experience:

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over work authorization sponsorship now or in the future for this position.

#LI-Hybrid