IT Risk and Controls Analyst

This position is remote based, we are open to candidates across the United States.

Overview

The IT Risk & Controls Analyst assists with the quality assurance of all IT General Controls through assessment, walkthroughs, and audits. This role will reside within the Myriad's Accounting/Finance organization and act as a second line of defense (2LoD) function. The cross-functional role will work closely with Myriad's Accounting/Finance and Technology Organizations to ensure controls are properly designed, operational, and in-line with established policies, procedures, and methodologies. In addition, they will be responsible for control execution, helping identify risks and gaps, and facilitating remediation efforts to address observations and findings raised through internal and external audits. This role will also act as a primary point of contact between IT teams and internal/external auditors during the annual SOX engagement.

Responsibility

1. Provide quality assurance of all IT General Controls and Application Controls through assessment, walkthroughs, and audits to ensure operational effectiveness of those controls.
2. Monitor the control environment and ensure that controls are operational and in-line with established policies and procedures, and controls methodology.
3. Identify risks and gaps and facilitate remediation to address observations raised in internal and external audits.
4. Perform or facilitate control execution on behalf of IT Management.
5. Assist control owners with root cause analysis and track risk management action plan progress.
6. Guide efforts to create common control framework and uniform compliance reporting standard.
7. Stay up to date on changes to systems and applications and provide guidance on related controls.
8. Conduct periodic compliance audits of IT controls to ensure controls are operating effectively throughout the year.
9. Identifying and tracking assessment/audits using performance metrics.
10. Provide relevant awareness training to control owners.

Qualifications

1. Bachelor's degree in Business, Accounting, Information Technology, or other quantitative discipline.
2. 2-5 years of experience in IT risk and compliance.
3. 2+ years of experience in audit/assessments with SOX.
4. Experience in working with SOX and internal control design and operations from a Finance and Business Technology perspective.
5. Proficient knowledge of third-party related regulatory policies.
6. Competency in security frameworks and Unified Controls Framework.
7. Strong analytical and time management skills.
8. Ability to maintain a high degree of confidentiality.

Preferred Qualifications

1. Certified Information Security Auditor (CISA), Project Management Professional (PMP) or Certified Internal Auditor (CIA).
2. Experience in working for a U.S. public company or public accounting firm (Big 4 preferred).
3. Experience in Oracle Cloud, Okta Identity Governance or SailPoint, Atlassian Jira, and GitHub preferred.
4. Familiarity with common enterprise and web application technologies.
5. Experience with project management best practices.

Physical Requirements

Ability to move throughout an office setting to perform work tasks. Ability to stand or sit for extended periods at an assigned workstation. Ability to clearly communicate with coworkers or customers.

EEO

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. In hiring and all other employment decisions, we prohibit discrimination and harassment on the basis of any protected characteristic, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.

#LI-MH1

#LI-Remote