EU Business Analyst - GRC
A customer is seeking a GRC Security Analyst to support collaboration efforts with the Governance, Risk and Compliance team and Internal Audit groups managing NIST and SOX related activities. This role will serve as a Liaison to ensure timely tracking, reporting and resolution of audit findings, assist in drafting and managing Management Action Plans (MAPs), and coordinate SOX/NIST testing and escalations with control owners.
- Audit Liaison & Remediation Tracking:
o Act as the primary point of contact between the Security GRC team and Internal Audit. o Track and monitor audit findings related to cybersecurity, IT risk, and SOX controls. o Draft, review, and manage Management Action Plans (MAPs) in response to audit findings. o Coordinate with control owners and stakeholders to gather evidence and updates.
- SOX Testing Coordination:
o Manage the end-to-end SOX testing lifecycle for ITGCs and application controls. o Coordinate with control owners to ensure timely completion of testing activities. o Monitor testing progress, escalate delays or issues, and support remediation of failed controls. o Liaise with internal and external auditors to facilitate walkthroughs, evidence collection, and issue resolution.
- Stakeholder Coordination & Evidence Management:
o Facilitate communication between Internal Audit, control owners, and GRC leadership to ensure alignment on audit findings, SOX testing, and remediation expectations. o Coordinate meetings, follow-ups, and status updates to drive timely resolution of open items. o Assist control owners in understanding audit and SOX requirements and expectations. o Ensure all documentation and evidence related to findings or MAPs are complete, consistent, and audit-ready.
- Metrics & Reporting:
o Develop and maintain dashboards and KPIs to communicate status and progress of audit remediation and SOX testing. o Provide regular updates to leadership on audit status and SOX compliance posture. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/. Required Skills & Experience - Strong understanding of Controls and Audit Frameworks; experience with standard Audit Methodologies - Attention to detail and strong documentation skills - Strong communication and project driver as there is extensive collaboration with teams across Enterprise IT. - Experience with EU cybersecurity governance and policy
Nice to Have
Skills & Experience - Experience with SOX Compliance controls - Experience with NIST audits and compliance - Experience with GRC Controls processes Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.