Perform testing and validation of IT controls (ITGC), ensuring they are properly designed and operating effectively;
Assess controls in the following areas:
Access Management (IAM)
Change Management / SDLC
Cybersecurity and data protection
IT operations and monitoring
Business Continuity and Disaster Recovery
Validate audit evidence, ensuring quality, completeness and adherence to requirements;
Support internal and external audits (SOC 2, ISO 27001, and others), including: audit response, evidence organization, and support throughout the audit lifecycle;
Execute tests of global and local QMS (Quality Management System) controls;
Identify gaps, risks and control deficiencies, proposing remediation plans;
Monitor and ensure execution of remediation plans;
Collaborate with IT, security, risk, and product teams to ensure compliance;
Address stakeholders' questions regarding compliance and controls;
Assist in the design and improvement of controls and processes;
Maintain compliance dashboards, reports, and metrics;
Support access reviews and security policy updates;
Proactively identify risks and opportunities for continuous improvement.
Requirements
2 to 4 years of experience in:
IT Compliance
IT Audit
ITGC control testing
QMS or risk management
Solid knowledge of:
ITGC (IT General Controls)
Control testing (design and operational effectiveness)
Evidence management and audit support
Frameworks and standards: SOC 2, ISO 27001
Information Security Policies (ISP)
Experience with:
Access Management (IAM)
Change Management / SDLC
Cybersecurity
IT operations and monitoring
Familiarity with testing methodologies: walkthrough, sample testing, reperformance, inspection
Experience with GRC tools: Archer, ServiceNow GRC or similar