What are the responsibilities and job description for the IT Compliance Analyst position at BayOne?
Work Experiences:
2 years’ work experience in IT governance management, IT compliance, or IT audit
1-2 years of experience with IT policies, procedures, standards, and guidelines
Corporate retail IT experience, preferred
Formal knowledge of IT systems and processes, and systems development life cycle processes and policies
Strong knowledge of IT industry standards and best practices as they relate to IT governance areas such as COBIT, COSO, PCI-DSS, ITIL, ISO 27001
2-3 years of experience working with compliance initiatives related to Sarbanes-Oxley, HIPAA, and PCI-DSS preferred
Skills:
Ability to define and execute upon governance work programs
Ability to lead or work on projects of all sizes and complexity
Ability to facilitate group work sessions and drive team consensus
Ability to work well under pressure while consistently meeting time-sensitive deadlines
Strong interpersonal, written and verbal communication skills to interface effectively with individuals at various levels
Ability to work well independently, as well as effectively contribute to a team environment
Analytical with strong problem-solving abilities and creative resolution skills
Ability to prioritize workload and meet multiple deadlines simultaneously in a fast-paced, frequently changing environment
Strong Microsoft Office program experience, including Project, Visio, Excel, & Word
Responsibilities:
Provide PCI DSS, SOX, project and governance expertise and consulting to the IT organization, ensuring compliance with PCI and SOX information technology internal controls
Utilize data analysis to develop a more proactive and anticipatory approach to IT risk management
Identify KPIs and metrics, and prepare and present reports/dashboards to management
Ensure controls are accurately documented and maintained and action plans are implemented to address control weaknesses within designated timelines
Lead and maintain ongoing IT policy exception management process and identify key exception reporting metrics
Proactively promote the IT risk assessment program to evaluate IT compliance and operational risks, ensuring appropriate risk management strategies are defined and implemented
Communicate IT governance and compliance objectives to ensure an appropriate compliance-aware culture
Evaluate company requirements and define required policies, along with supporting standards and guidelines
Initiate and manage the review of IT security controls, including application and infrastructure controls, to ensure the company meets its governance and compliance requirements
Drive efforts with IT teams to ensure appropriate procedures are defined and approved to support IT policies/standards/guidelines
Coordinate with the InfoSec Team and the Training & Development Team, working with appropriate teams, to develop security awareness materials that ensure all company associates use strong IT security behavior
Participate in periodic training and testing to demonstrate knowledge of security concepts
Manage meetings effectively by setting agendas, maintaining focus and identifying action items
Ensure that all functions and activities are performed in accordance with accepted IT department standards and procedures
Manage workload, resolving and escalating issues as appropriate, to ensure high-quality deliverables
Develop a thorough understanding of Academy Sports & Outdoors policies, procedures and safety rules
Duties may change; Team Members may be required to perform other duties as assigned
Physical Requirements & Attendance:
Acceptable level of hearing and vision to perform job duties
Adhere to company work hours, policies, procedures and rules governing professional staff behavior
100% on premises; at this time the company does not allow remote working options