Sr. GRC Analyst in Atlanta, GA at HUNTER Technical Resources

Date Posted: 1/25/2020

Job Snapshot

  • Location:
    Atlanta, GA
  • Experience:
    Not Specified

Job Description

Sr. Compliance Analyst
Under general direction, audits moderately complex new and existing information systems applications to ensure that appropriate controls exist, that processing is efficient and accurate, and that systems and procedures comply with corporate standards. Competent to work on all phases of information systems auditing.

As directed by management and leadership, supports management and colleagues in the achievement of compliance with payment card industry standards and regulations as they pertain to the IT environment. Support the achievement of compliance with payment sector standards and regulations as they pertain to the IT environment.


Job Details:
  • Leads collaboration efforts with stakeholders to define, execute, and track pre-audit preparation tasks to meet year-round compliance goals
  • Assists management efforts to ensure the audit scope is defined and substantiated by appropriate evidence
  • Assists management with analyzing the prior year’s audit for lessons-learned value
  • Assists management to ensure compliance objectives are clearly communicated to stakeholders
  • Assists with the tracking of, scheduling and execution of multiple SOX, SSAE 18, PCI DSS, PA DSS and PCI PIN assessments across business units worldwide
  • Collate and review documentation for appropriateness prior to an assessment
  • Perform business and technical analysis to identify and document appropriate compliance controls on new projects
  • Research project to define and document appropriate controls
  • Log artifacts requested during interview sessions
  • Maintain metrics showing status of assessments and audits
  • Derive new metrics to identify leading indicators of potential audit issues
  • Assist in gathering evidence from stakeholders, coordinating reviews and uploading to assessors’ portals
  • Analyze artifacts received to ensure they meet the intent of the assessment and demonstrate compliance
  • Populate report templates with current status information and keep manager and team members informed of potential delays or issues with updates
  • Support management programs to mature compliance posture
  • Engage affiliate points of contact to promote corporate compliance best practices
  • Implement continuous improvement programs
  • Interface with internal and external PCI and SOX auditors to represent how compliance and security controls are applied and can be demonstrated in existing or planned projects
  • Schedule, prepare and conduct regular engagement sessions with stakeholders to communicate the cloud compliance program objectives and progress
  • Conduct compliance awareness programs for groups dealing with but not limited to PAN, PII, developers and administrators


  • Good understanding of general computer controls, ability to analyze data and interpret results
  • Excellent planning and organizational skills with an ability to meet tight deadlines
  • Effective team player who can build good working relationships with colleagues and external parties
  • Ability to positively contribute to the efficient and effective practices within External Compliance and look for opportunities to improve upon existing internal controls and work practices
  • Excellent communication capabilities to summarize technical statuses to both internal and external parties
  • Security qualification such as CISSP, CISM or CISA preferred
  • Understanding of industry standards and regulations including PCI DSS, PCI PIN, PA DSS, P2PE and Sarbanes-Oxley controls preferred
  • PCI ISA training advantageous
  • Working knowledge of control frameworks (ISO27001, etc.) and / or GRC tools (Archer) beneficial
  • Familiarity and understanding of broad range of IT hardware and software products
  • Willingness to travel domestically and internationally, if required
  • Ability to operate within a multi-cultural, multi-time-zone environment
  • High ethical standards, operates with integrity and professionalism
  • Must have 3 years (total) of experience in the following:
    • Working within the IT Cloud Compliance / Security (at least 2 years’ experience)
    • Risk Assessments
    • Architecture Reviews
    • PCI Assessments
    • Compliance / Security Consulting