Sr. It Compliance Analyst - Remote

Job Description
The Sr. IT Compliance Analyst will work in the company's Information Security and Compliance area and provide expertise in the analysis, implementation, monitoring and reporting of security controls.
Duties and Responsibilities

• This role will be a critical and high-impact individual contributor to assist control owners to comply with required controls along with monitoring effectiveness of the controls
• Be well versed, possess deep knowledge and understanding in the current state of Information Security topics. Be able to interpret technical requirements and controls (such as PCI DSS, ITGC, CIS, NIST, ISO, SSAE, HITECH, etc.) for the Harbor Freight networking environment
• Serve as primary point-of-contact to work closely with cross functional teams to identify risk to the business, product, and other areas necessary to identify risks to the business
• Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence
• Identify process improvements and efficiencies in the existing processes to build robust processes, automate compliance and drive implementation of effective controls
• Interface with IT and other departments to perform the necessary technical review and assess compliance maturity procedures and develop/oversee implementation of improvements or corrective actions
• This role will work collaboratively with members (of IT, Business, Risk Management, Internal and External Auditors, Operations Teams) and perform follow up activities related to remediate gaps and drive remediation efforts with remediation planning, track findings and facilitate remediation of security issues identified through assessments
• Practical working involvement, successful history of facilitating and delivering Security Requirements, performs analysis and interpretation of security and compliance issues
• Develops, enhance, and execute compliance processes and reporting systems
• Ensure existing documentations are current, accurate and are reviewed on an annual basis
• Perform activities to help measure and monitor open items, project timelines and remediations
• Develop, implement, and maintain a continual compliance process for IT General Controls that is flexible and scalable for regulatory requirements and organizational directives
• Facilitate customer and certifier requests and information gathering for audit activities and lead onsite audits
• Successfully project manage and drive testing activities across various teams within the organization
• Assist in the analysis, development and ongoing improvement of a comprehensive, flexible and scalable IT Controls program for regulatory requirements and organizational directives
• Ensure that key processes are documented, reviewed at least annually for accuracy and improvement opportunities, and followed, as appropriate
• Research regulations by reviewing regulatory bulletins and other sources of information
• Helps to guide compliance projects to successful completion
• Contributes in the area of thought leadership for the department

• Provide direction, guidance, and work closely with the Compliance team on tasks timelines, assessing and performing security requirements reviews

• Responsible for quality and on-time execution of periodic audit activities
• Performs users access reviews in accordance with security and compliance requirements
• Perform walkthroughs systems and processes and identify gaps in controls
• Participate in systems and application planning and implementation of Access Control or Security initiatives
• Provide direction, guidance & work with the Compliance team to ensure remediation efforts continue as planned
• After hours work will be required at designated intervals

Scope (Required)

• Supervises staff - No
• Organizational Scope - Contributor
• Decision Making - Yes
• Travel - Occasional
• Job Location - Corporate Headquarters
• Flex Designation - Anywhere

Requirements
Education (Required)

• 5+ years education in related field (preferred)

Skills (Required)

• The successful candidate must be reliable, resourceful and have a "can-do" attitude along with good customer service
• Strong organizational skills, attention to detail, ability to multitask, create status reports, dashboards and KPI metrics and manage simultaneous projects
• Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
• Past training in information security or compliance areas
• Knowledge of Domains, Change Management, SOD, SDLC , Logging, application and database access rights, vulnerabilities
• Solid understanding of PCI DSS, ITGC and other Security Framework requirements and Cloud compliance
• Experience in design and implementation capabilities for cloud platforms. Translate security and technical requirements into business requirements and communicate security risks.
• Experience performing user access reviews
• Process, procedure, and standards development experience
• Good ability to collaborate with other team members
• Excellent written and oral communication and documentation skills
• Strong ability to take initiative to gets tasks and projects completed successfully
• Ability to perform after hours during designated periods
• Strong analytical skills, to analyze security requirements and relate them to appropriate security controls

Experience (Required)

• 6 to 8 years tech experience/ direct compliance or audit experience

The anticipated salary range for this position is $109,500 - $164,300 depending on location, knowledge, skills, education and experience. This position is also eligible for an annual discretionary bonus. In addition, we offer comprehensive and competitive benefits to Associates (and their families) such as medical, dental, vision, life insurance, short-term and long-term disability. Eligible Associates are able to enroll in our company's 401k plan. Associates will accrue paid time off up to 236 hours per year (inclusive of PTO, floating holidays, and paid holidays). Paid sick time up to 80 hours per year unless otherwise required by law.
About Harbor Freight Tools
We're a family-owned business with over 45 years as a national tool retailer, and with the energy, enthusiasm, and growth potential of a start-up. We are a $7 billion company with over 1,450 stores in 48 states, 27,000+ Associates, and one of the fastest-growing retailers in the country.