Senior Analyst, Risk And It Compliance

1. SUMMARY OF POSITION – A brief overview of the primary purpose of the position.

Quaker Houghton’s goal is to apply global IT industry best practices, enabling Quaker Houghton to instill the business with new insights regarding global data, business risk, compliance, and information security.

The Senior Analyst - Risk and IT Compliance is primarily responsible for the SOX ITGC compliance program and supporting ongoing Risk and IT Compliance efforts. The position will work closely with other members of the Risk and IT Compliance team as well as the larger IT department, Finance-Compliance team and both internal and external audit teams. The ideal candidate is self-motivated, well organized, has the proven ability to develop solutions in response to complex audit and compliance related matters and apply precedents. Additionally, the candidate has prior experience driving projects and compliance related activities associated with Internal Control over Financial Reporting (ICFR). The ideal candidate should also have a proven ability exercising sound judgement and providing consultative guidance to stakeholders associated with IT compliance related matters. Role will receive exposure to upper management throughout a global and growing organization. Position reports to the Manager, Risk and IT Compliance. Excellent opportunity for someone looking to transition out of consulting / public accounting and into corporate Risk and IT Compliance.

2. ACCOUNTABILITIES - List the primary job responsibilities and activities in order of importance.

Key liaison with Internal & External Audit partners

Facilitation and project management of SOX ITGC document requests; rationalize and challenge document requests according to precedents and regulatory requirements

Manage document and project related request tracking and follow up with members of the organization; ensure timely evidence/documentation submission in support of audit activities and special projects; report metrics to stakeholders

Updating, rationalizing, and maintaining existing ITGC process documentation; act as trusted advisor for control oriented consultation to stakeholders

Drafting, rationalizing, and maintaining narratives and process flows for in-scope ITGCs, systems, and processes

Monitoring of key SOX control activities; report metrics to stakeholders

Execution of key SOX control activities

Lead drafting of IT policies and/or updates to existing policies; rationalizing current policies to ensure relevancy and identity areas for optimization/standardization

Assisting with IT Compliance related communications to key internal stakeholders

Assisting with or lead other non-SOX related IT Compliance initiatives as required

Responsible for timely completion of work as assigned; providing regular status updates over assigned responsibilities; report metrics to stakeholders

Performing initial quality reviews of staff or consultant related deliverables connected to audit and special project related activities; provide coaching to stakeholders and identify areas for documentation and process level improvements

Assist with special projects related to IT compliance and governance related initiatives

3. EDUCATION, EXPERIENCE AND SKILLS/COMPETENCIES to perform the job duties

Key Education or Certification Required:

Bachelor’s degree from an accredited institution in relevant field

Certifications such as CISA, CISSP, CRISC, CISM, QSA, ISO 27001 LA (preferred)

Required Minimum Number of Years of Relevant Experience:

Minimum 4+ years’ experience in IT audit, IT risk management and/or compliance role, public accounting experience preferred (at least 2+ years)

Required Skills and Competencies:

Knowledge of SOX-ICFR IT General Controls, ISO/IEC 27001, COSO, COBIT, and NIST frameworks

Experience with identifying ITGC risks and controls and maintaining process narratives/flows

Experience with risk assessment frameworks

Effective organizational, time management and interpersonal skills

Effective project management ability; experience with reporting program status to stakeholders

Analytical mindset with creative and innovative problem-solving skills

Experience with supervision of others; ability to conduct quality reviews of work products produced internally and with stakeholders

Possess ability for critical thinking with capability to skillfully conceptualize, apply, analyze, synthesize, and/or evaluate information gathered from, or generated by, observation, experience, reflection, reasoning or communication; possess ability to apply lessons learned across assignments

Ability to understand the interrelation between financial, operational and technology internal controls

Excellent verbal & written communication skills

Experience with data analytics preferred (not required)

Proficient with Microsoft Office suite

High energy self-starter who can work well with teams and independently in a highly dynamic, fast paced environment

4. COMPANY CORE VALUES

Act with Integrity, Do Great Things Together, Exceed Customer Expectations