IT Compliance Analyst

What You'll Do:

The IT Compliance Analyst role is responsible for ensuring compliance within IT operations. This position collaborates with others inside and outside of IT to ensure that the operational aspects of IT risk and compliance functions are completed. This role requires a motivated self-starter who can ensure that all areas of responsibility are completed in a timely manner.

Essential Functions:

Contract Review & Vendor Onboarding

• Works closely with the vendor management team to ensure that IT vendors are onboarded in a timely and efficient manner.
• Reviews vendor contracts for problems or areas of concern.
• Works with IT leadership, legal and outside consultants to ensure that contract terms and financials are negotiated and agreed upon.

Vendor Management

• Serves as the IT subject matter expert for LGE's vendor management platform.
• Partners with the vendor management team to streamline and improve LGE's vendor onboarding process using technology and automation.
• Ensures vendor contract renewals are properly tracked and notifications are sent to owners. Sends contract termination notices in a timely matter.
• Collects and reviews annual IT vendor due diligence documentation from vendors, including SOC reports, and completes annual CUEC's.
• Ensure IT vendor contracts are reviewed and remain up to date in LGE's vendor management program annually.

IT Policy

• Coordinates IT policy reviews on an annual basis.
• Creates and maintains a policy template that will apply to all IT policy documents.
• Ensures policies are located in a centralized and accessible place.
• Coordinates IT policy training and communication activities.

Architectural Reviews

• Manages LGE's architectural review process to ensure vendors are reviewed and approved before contracts are signed. Coordinates meetings with LGE's vendor management team, vendors, and IT's architectural review team.
• Ensures vendor documentation is collected in a timely and efficient manner to meet LGE's SLA's and uploads to LGE's vendor management platform.
• Partners with IT stakeholders to create architectural diagrams for new systems.
• Maintains architectural diagrams, documentation, and other detailed information for vendor and LGE systems.
• Updates and maintains architectural templates as needed.

IT Audit & Compliance

• Acts as a technical liaison for supporting annual IT audits by coordinating work between LGE's audit and IT teams.
• Ensures audit requests are responded to in an accurate and timely manner.
• Tracks and reports on findings and remediation efforts. Ensures remediation work is prioritized based on level of risk.
• Escalates remediation efforts if deadlines are missed.
• Tracks and ensures that routine IT regulatory & compliance tasks are completed by the IT group. This includes system access reviews, firewall rule reviews, etc.

Risk Reporting

• Coordinates LGE's quarterly IT risk assessment activities with IT leadership to ensure IT risk levels are accurately reported and documented.

Vendor Invoicing & Budget Tracking

• Assists with annual vendor requisitions for recurring IT invoices in Workday.
• Partners with IT leadership to improve and assist with day-to-day vendor billing and invoice activities.
• Assist with tracking IT budget activity and variance reporting.

Disaster Recovery & Business Continuity

• Ensures disaster recovery and business continuity plans are reviewed on an annual basis.
• Tracks, monitors, and reports on all disaster recovery and business continuity activities.

• Assists with project management and project communication activities. Drafts communication and assists with IT-led projects as needed.
• Maintain familiarity with and follow all policies, procedures and processes which have been established in order to meet compliance requirements of all applicable federal regulations. The regulations include but are not limited to the Privacy Act, Office of Foreign Assets Control (OFAC), Bank Secrecy Act (BSA), Reg. CC and Patriot Act

Who you are:

• Required: 3-5 years of experience in a risk, audit, or compliance-related field, preferably in the IT industry
• Required: Motivated self-starter who is goal-oriented & task-driven
• Preferred: B.A. or B.S. degree in related field
• Preferred: Experience with vendor management systems (VMS) & Workday
• Strong analytical and interpersonal skills required
• Strong organizational skills and ability to multi-task