Source Job

$84,000–$94,000/yr
US 2w PTO

  • Coordinate IT compliance and audit activities across Information Security, IT, and business stakeholders.
  • Support SOX IT General Controls (ITGC) activities, including planning, evidence collection, and auditor inquiries.
  • Track audit findings, remediation plans, and risk items to ensure timely completion and closure.

SOX Compliance GRC Platforms Audit Management Communication

19 jobs similar to IT Risk & Compliance Analyst

Jobs ranked by similarity.

Global

  • Support the development, implementation, and improvement of our IT compliance framework.
  • Perform ITGC and application controls testing to ensure SOX and regulatory adherence.
  • Facilitate user access reviews, log reviews, and vendor risk management activities.

e.l.f. Beauty, Inc. stands for cruelty-free beauty at an incredible value, with a multi-brand portfolio including e.l.f. Cosmetics, e.l.f. SKIN, Well People, Naturium, and rhode. With over 29 consecutive quarters of net sales growth and $1 billion in net sales in FY25, they are a fast-growing, culturally driven company.

$62,050–$69,350/yr
Canada 4w PTO

  • Serve as primary IT contact, handling hardware/software support, account management, and remote troubleshooting for a remote-first team.
  • Assist with compliance evidence collection and control testing for SOC 2, GDPR, and PCI obligations.
  • Maintain accurate audit-ready records, asset inventory, and documentation while supporting off-hours maintenance and small projects.

Velora unifies Aplos, Raisely, and Keela to help nonprofits thrive with fundraising, donor management, and financial tracking. We serve over 15,000 nonprofits globally and operate as a remote-first team with a mission to make nonprofit work easier and more impactful.

Philippines

  • Conduct ITGC testing, SOX testing, and SOC examinations.
  • Perform walkthroughs and evaluate supporting evidence.
  • Utilize Microsoft Excel and Copilot for analysis.

GR8 Global is a firm of top 100 US accounting firms that matches talent outside the US with work opportunities in audit, accounting, and finance. They prioritize a positive and inclusive workplace culture where talents are valued.

$60,000–$60,000/yr
US

  • Provide quality customer service and monitor compliance mailbox for client requests.
  • Prepare written responses to security inquiries and handle due diligence questionnaires.
  • Support audit activities and coordinate with departments on policy development and remediation.

TierPoint provides information security and compliance solutions. The company fosters a collaborative, team-oriented culture with a focus on confidentiality and accuracy.

$51,600–$86,000/yr
US

  • Promotes compliance culture by designing and executing monitoring and testing reviews.
  • Manages multiple compliance reviews, coordinating work and communicating findings to stakeholders.
  • Maintains knowledge of banking laws, regulations, and best practices for consumer compliance risk management.

Fulton Bank is a financial institution offering banking services. It fosters a culture of continuous learning, work-life integration, and inclusion, with a digitally enabled work environment for employees and customers.

$112,700–$180,300/yr
US

  • Lead end-to-end third-party audits, evidence collection, and compliance onboarding for new products and features.
  • Partner with cross-functional teams to design and validate internal controls across SOX, SOC, HIPAA, and PCI frameworks.
  • Drive continuous improvement by standardizing processes, reducing manual effort, and collaborating on automated compliance monitoring.

Jobgether uses AI-powered matching to streamline job applications. They are a company focused on connecting candidates with hiring employers through automated shortlisting, with a transparent and flexible work culture.

Lithuania

  • Focus on compliance matters related to in-house IT systems and processes, including creating and updating internal documents.
  • Generate IT documentation for internal and external audits, and participate in interviews during those audits.
  • Provide answers to IT questions from sponsors and during client and vendor agreement reviews, and follow up on audit findings.

PSI is a global company founded in 1995 that focuses on medical science, bringing new medicines to those in need. They bring together more than 3,000 driven, dedicated, and passionate individuals who work on the frontline of medical science.

$95,000–$140,000/yr
US

  • Conduct information systems controls assessments in compliance with FFMIA, GAO, and Federal Audit Manual standards.
  • Evaluate controls within ERP systems, focusing on cybersecurity, access controls, change controls, and segregation of duties.
  • Deliver summary reports with detailed results and actionable recommendations, ensuring effective communication of findings.

Amyx is a company providing IT and professional services, specializing in defense and federal solutions. They are an equal opportunity employer and a VEVRAA federal contractor, seeking qualified candidates including veterans.

$198,238–$233,221/yr
US

  • Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
  • Lead risk assessments, control testing, and enterprise risk management processes.
  • Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.

Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.

US 8w paternity

  • Collaborate on risk assessments and develop internal surveillance systems to ensure compliance with securities laws.
  • Conduct regular audits, identify control deficiencies, and prepare action plan remediation.
  • Prepare and conduct virtual and physical branch office exams while staying current on regulatory trends.

Mercer Advisors helps families amplify and simplify their financial lives by integrating financial planning, investment management, tax, estate, and more. Serving over 31,300 families across 90+ U.S. cities, they've been ranked #1 RIA firm by Barron's and have a diverse, flexible workforce.

US

  • Develop and maintain the enterprise IT GRC strategy, framework, and roadmap, presenting updates to executive leadership.
  • Lead enterprise IT risk assessments, maintain risk registers, and oversee remediation efforts.
  • Ensure compliance with regulations like NIST, ISO 27001, SOC, PCI-DSS, HIPAA, GDPR, and SOX.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, the company supports data centers, healthcare, and industrial facilities where uptime is non-negotiable.

Canada Europe Unlimited PTO

  • Support active and upcoming audits including ISO 27001, SOC 2, PCI DSS, and HIPAA by coordinating evidence and working with control owners.
  • Conduct risk assessments, update risk registers, track remediation, and perform third-party risk management reviews.
  • Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.

Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.

US

  • Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
  • Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
  • Conduct security risk assessments, evaluate controls, and track remediation plans.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.

$132,000–$165,000/yr
US Unlimited PTO

  • Manage and support compliance certifications including SOC 2, HITRUST, and ISO 27001 audits across the audit lifecycle.
  • Serve as the subject matter expert across the company on compliance frameworks and primary point of contact for external auditors.
  • Maintain the risk register, drive risk identification and reporting, and scale GRC function with AI and automation.

Garner transforms the healthcare economy by partnering with employers to redesign healthcare benefits using data-driven insights. It is a fast-growing healthcare technology company with a mission-driven team focused on making healthcare more affordable and high-quality.

US

  • Manage IT audit projects for the Defense Logistics Agency, applying accounting principles and regulations.
  • Lead daily activities, review deliverables for compliance, and interface with clients.
  • Analyze financial systems and internal controls to help management improve performance.

Amyx is a defense contractor providing IT and audit services to government agencies like the DLA. They are an equal opportunity employer with a focus on veteran recruitment.

US

  • Support implementation and operation of the Compliance Program, including conflict of interest, compliance hotline, and regulatory reviews.
  • Serve as liaison for compliance questions and incidents, and recommend corrective actions and education opportunities.
  • Work with all levels to ensure internal controls provide accurate, complete, and compliant processes.

Cooper University Health Care is a healthcare organization dedicated to providing extraordinary health care and fostering clinical innovation. It offers competitive compensation, comprehensive benefits, and opportunities for professional growth.

$147,800–$164,000/yr
Global 18w maternity 16w paternity

  • Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
  • Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
  • Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.

Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.

LATAM Unlimited PTO

  • Execute SOC 1, SOC 2, SOC 3 examinations and other security audits.
  • Evaluate the design and effectiveness of technology controls and identify findings.
  • Supervise and provide performance management for IT audit staff.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 professionals, the firm is one of the fastest-growing global audit firms with 170+ professionals supporting nearly 2,000 clients.

US

  • Conducts internal and external audits to evaluate financial, operational, and compliance controls.
  • Analyzes data to detect deficient controls, fraud, or non-compliance and drafts recommendations for improvement.
  • Communicates audit findings to corporate executive management through detailed reports.

Palmetto GBA is a healthcare service administrator providing technology solutions for healthcare administration. It is one of the nation's largest providers of medical claims processing and offers training and development programs for its associates.