IT Compliance Analyst | 213776 in Farmers Branch, TX at Vaco

Date Posted: 1/4/2021


Job Description



Location: Dallas, TX 75234

Position Type: Direct-Hire

Hourly / Salary: BOE!


Vaco Technology is currently seeking an IT Compliance Analyst for a Direct-Hire opportunity located in Dallas, TX. The IT Compliance Analyst will assist with remediation of control deficiencies and gaps identified during the audit process. The IT Compliance Analyst will proactively identify gaps or conflicts in existing processes and help develop solutions with the stakeholders. The IT Compliance Analyst will assist process / control owners with the design / implementation of controls and related documentation (e.g., policies, procedures, narratives, and matrices). The IT Compliance Analyst will also participate in IT SOX walkthroughs to identify potential changes and control gaps and conduct IT SOX controls testing to evaluate the design and operating effectiveness of controls in accordance with established procedures.

  • Facilitate 3rd Party Attestations / Audits (PCI-DSS / CCPA / GDPR / SOX) / Certifications Efforts, etc.
  • Work Closely with Technology / Business Process Owners - Identify / Document / Implement Processes to Address Areas of Key Risks
  • Ensure All PCI-DSS / CCPA / GDPR / SOX Controls are Implemented / Documented / Monitored
  • Establish Processes to Support the Controls / Ensure that Control Self-Assessments are Conducted Promptly / Completely / Accurately
  • Support Risk / Compliance Team to Implement Processes / Controls to Ensure Compliance with Regulatory / Industry Mandates (GDPR / CCPA)
  • Identify / Validate Critical Controls to Address IT / Business Risks - Work with Teams to Address Identified Areas of Deficiencies
  • Participate in Audits of 3rd Parties - Vendors / Service Providers / Consulting Organizations, etc.
  • Ensure Appropriate Documentation in the Form of Policies / Standards / Procedures is Created / Managed to Support Security / Compliance / Audit Requirements
  • Provide Guidance / Support to IT / Business - Ensuring Continued Compliance with Mandates
  • Endorse / Support Compliance Culture Where Employees are Encouraged to Seek Clarification / Support for the Compliance Initiatives
  • Participate / Provide Input to Annual Risk Assessments / In-Scope Systems Analysis / Coordination of Testing Approaches, etc.
  • Provide Input to Periodic Progress Reporting - Status of Overall Testing Progress / Open Control Deficiencies / Assist with Escalation when Deficiencies are not Remediated Timely
  • Coordinate with IT Personnel Across the Organization to Implement Required Controls / Ensure the Process is Followed to Maintain Appropriate Evidence Required by the Specific Control
  • Identify Risk / Control Gaps - Partner with IT Department to Ensure Internal Control Guidelines Exist in Systems / Applications to Ensure Compliance with IT-Related Audits
  • Work with Process Owners / External Auditors to Facilitate the Execution of Management's Annual Internal Controls Assessments in Accordance with IT-Related Audits
  • Track / Monitor IT Remediation Efforts
  • Perform / Assist in Overseeing Initial / Periodic Audits / Analysis / Mitigation / Remediation


  • IT Compliance Analyst - IT Security Compliance / Audit / Risk Management (3+ years)
  • Hands-On Compliance Initiatives Experience - PCI-DSS / EU-GDPR / CCPA / SOX
  • Security Metrics / Creation of Useful Dashboards for Management Review / Consumption (understanding)
  • Implement / Utilize Compliance Frameworks - COBIT / PCI-DSS / ISO 27001, etc.
  • IT Security Products / Technologies (familiarity) - IAM / Vulnerability Management / Encryption / Key Management / Logging / Monitoring / Application Security, etc.
  • Cloud-Based Environment / Technologies and Associated Auditing Methodologies (familiarity)

PREFERRED (not required)

  • Big4 Auditor Experience
  • Develop / Implement Automation for Controls / Compliance (preferred)

Job Requirements

IT Compliance Analyst, Security, Audit, PCI-DSS, GDPR, CCPA, SOX, COBIT, ISO 2700, Big4