Audit Compliance Analyst Jobs in USA, VA, Richmond | Rose International Job

Required Education:

• Bachelor's degree in Information Technology, Computer Science, or a related field

Preferred Certifications:

• Relevant cybersecurity or IT certifications (e.

g., Security+, CISA, NIST CSF, PMP, CGRC, CISSP or CISM)

Required Qualifications:

• Demonstrated understanding of cybersecurity risks, controls, and industry frameworks (e.

g., NIST

SP 800 53, NIST

Cybersecurity Framework, ISO/IEC 27001)

• At least 3 years' experience with ServiceNow GRC/IRM and ideally ServiceNow ITSM modules
• Practical experience applying governance, risk, and compliance (GRC) principles
• Familiarity with governance tools such as the Unified Control Framework (UCF) and SIG
• Strong collaboration, interpersonal, and communication skills, with the ability to work effectively across technical and non technical stakeholders
• Understanding of project management principles and the Software Development Lifecycle (SDLC)
• Strong written and verbal communication skills with a focus on clarity, quality, and professionalism
• Demonstrated commitment to continuous improvement and process optimization

Preferred Qualifications:

• Experience partnering with Risk, Compliance, Legal, and Internal Audit teams
• Familiarity with regulatory and assurance frameworks such as HIPAA, Sarbanes Oxley (SOX), NY

DFS, SOC

1, and SOC 2

Audit Compliance Analyst Responsibilities:

• Coordinate and administer the ServiceNow Policy and Compliance modules, ensuring accurate configuration, maintenance, and effective day to day operation
• Manage and monitor ServiceNow ITSM oversight ticket queues, ensuring timely intake, triage, tracking, and resolution of catalog, policy, and compliance related requests
• Collaborate with Information Security, Risk, Compliance, Legal, Audit, IT, and business stakeholders to support enterprise policy and compliance initiatives
• Operationalize and automate policy and compliance lifecycle activities, including policy management, reviews, attestations, continuous monitoring, and control testing
• Reduce manual effort through automation, standardization, and improved workflows for evidence collection and control validation
• Support a "test once, satisfy many" methodology to streamline compliance efforts across multiple regulatory, audit, and assurance requirements
• Implement and maintain continuous monitoring activities to identify policy or control violations and support timely response and remediation
• Develop, maintain, and communicate policy and compliance metrics through dashboards and reports for leadership and key stakeholders
• Coordinate information and evidence across the organization to support audits, assessments, regulatory inquiries, and internal reviews
• Manage competing priorities, short turnaround requests, and tight deadlines while maintaining high quality, accuracy, and attention to detail
• Create and maintain standard operating procedures, job aids, and other required documentation
• Identify opportunities for process improvement and efficiency and support the implementation of enhancements
• Work independently while collaborating closely with team members, application owners, contractors, and business partners
• Operate effectively in a distributed, virtual team environment
• Maintain a working knowledge of information security policies, standards, and regulatory requirements
• Demonstrates the ability to independently execute assigned responsibilities with minimal supervision, managing day to day operational tasks, exercising sound judgment, and escalating issues as appropriate.
• Accountable for end to end execution within a defined scope.
• This is a hands on, execution focused role with direct responsibility for operational delivery
• Only those lawfully authorized to work in the designated country associated with the position will be considered.
• Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client's business needs and requirements.

•