IT Risk & Compliance Analyst

Please do not respond to direct messages with your personal information. All job applications and your sensitive, personal information should only be submitted via our official job platform.

Job Title: IT Risk and Compliance Analyst (hybrid)

Location: US-GA-Atlanta (Sandy Springs)

FLSA: Exempt

#LI-Hybrid

Job Overview:

The IT Risk and Compliance Analyst is responsible for assessing information risk and facilitates remediation of identified findings for IT risk and compliance across the enterprise. Assesses information risk and facilitates remediation of identified vulnerabilities with the Safe-Guard Products processes, networks, systems and applications. Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies. Performs assessments of the IT security/risk posture for the Third-Party Risk Management Program. Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios. Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings. Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications. Provides weekly project status reports, including outstanding issues. The IT Risk and Compliance Analyst is a key player in IT audits, Identity and Access reviews, Privacy processes, IT risk assessments, and regulatory compliance assessments and Client audits. As always, this role will be expected to support the corporate mission with “other duties as assigned.”

Job Responsibilities:

• Perform regular IT access and control assessments to evaluate compliance with established policies, standards, and regulations across systems, applications, data centers, and network infrastructure.
• Conduct internal audits to identify potential compliance gaps and areas for improvement.
• Review system access controls, change management procedures, data security practices, identity and access roles, and vendor management processes to ensure compliance.
• Manage and organize evidence to support all IT Compliance obligations.
• Identify and assess IT-related risks associated with compliance issues or other findings.
• Develop and implement mitigation strategies to address identified risks.
• Monitor and track remediation progress for risk and compliance concerns.
• Review and monitor controls over confidential and sensitive data to prevent unauthorized disclosure.
• Collaborate with different departments to report and mitigate privacy risks.
• Create and maintain comprehensive IT risk and compliance documentation, including policies, procedures, and standards.
• Update risk and compliance documentation to meet existing and newly developed policy and regulatory requirements including SOC, PCI, and other regulator guidance and/or requirements.
• Deliver training sessions to IT staff on relevant compliance requirements and procedures.
• Track and report on awareness training execution and compliance.
• Promote a culture of Security and Privacy awareness across Safe-Guard Products.
• Work closely with various departments, including IT, legal, security, and operations, to ensure compliance across the organization. Apply GRC expertise across key lines of business, including products, practices and procedures.
• Prepare regular risk and compliance reports for management, highlighting key findings and action items.
• Collaborate with internal and external stakeholders and partners to facilitate audit requirements and compliance reviews.

The above statements are intended only to describe the general nature of the job and should not be construed as an all-inclusive list of position responsibilities.

Job Requirements:

• Strong attention to detail is a necessity.
• Strong understanding of IT security concepts and best practices are required.
• Knowledge of relevant compliance frameworks like GDPR, SOX, PCI DSS, HITRUST and others.
• Experience with IT audit methodologies and techniques
• Excellent analytical and problem-solving skills
• Strong communication and presentation skills to effectively convey complex compliance issues
• Ability to work independently and as part of a team
• Background in IT security, cybersecurity, or related field
• Experience with compliance auditing and risk assessment
• Familiarity with IT infrastructure and applications

Company Benefits:

• Medical, Dental, and Vision Insurance
• Flexible Spending Account
• Health Savings Account
• 401(k) Plan with Company Match
• Company-paid Short-Term and Long-Term Disability
• Company-paid Life Insurance
• Paid Holidays and Vacation
• Employee Referral Program
• Employee Assistance Program
• Wellness Programs
• Paid Community Service Opportunities
• Tuition Reimbursement
• Ongoing Training & Personal Development
• And More!

About Safe-Guard Products International:

Safe-Guard serves Original Equipment Manufacturers (OEMs), top retailers, and independent agents in the automotive finance and insurance industry with the leading Protection Products Platform. Our platform delivers innovative protection products and solutions that protect consumers from the perils of ownership, while providing Finance &Insurance professionals the tools to ignite scalable and sustainable business growth. Safe-Guard’s success is driven by over 850 employees, who serve more than 12,000 dealers and support contract holders across the U.S. and Canada.

For 30 years and counting, our team continues to transform the motor vehicle space, earning a stellar reputation from our partners and peers by providing: 1) the highest quality protection products in the industry, 2) a broad platform of branded product, technology, marketing, and training solutions, and 3) an unwavering commitment to uncomplicated care and customer service.

Safe-Guard Products International is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to age, race, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, disability or protected veteran status, or any other status or characteristic protected by federal, state, or local law.