Security Analyst

Job Title: Security Analyst

 Location: Seattle, WA

 Employment Type: Contract

About Us:

 DMV IT Service LLC is a trusted IT consulting firm, established in 2020. We specialize in optimizing IT infrastructure, providing expert guidance, and supporting workforce needs with top-tier staffing services. Our expertise spans system administration, cybersecurity, networking, and IT operations. We empower our clients to achieve their technology goals with a client-focused approach that includes online training and job placements, fostering long-term IT success.

Job Purpose:

We’re looking for a Security Analyst to help strengthen and embed IT General Controls (ITGCs) within our technology projects and systems. This role ensures SOX 404 compliance is integrated into the software development lifecycle (SDLC) and supports secure, compliant, and audit-ready processes. You’ll work cross-functionally with cybersecurity, engineering, product, and business teams to assess risk, guide control implementation, and drive consistent, sustainable compliance outcomes.

Requirements

Key Responsibilities

• Lead and implement SOX IT General Controls for new systems, projects, and technical initiatives.
• Partner with project teams to align SOX control requirements within technical specifications and delivery plans.
• Document control design narratives and maintain testing records for SOX-relevant systems.
• Act as a subject matter expert for SOX in SDLC processes, advising teams on risk mitigation and control strategies.
• Coordinate walkthroughs, evidence collection, and testing with internal and external audit teams.
• Evaluate SOX impacts of technology changes and implementations across enterprise systems.
• Track and manage remediation of identified control gaps to ensure long-term resolution.
• Support quarterly certification and management sign-offs for system changes and deployments.
• Maintain organized documentation and evidence libraries to support compliance readiness.
• Produce regular reports and metrics highlighting program health, issue tracking, and control effectiveness.
• Provide training and guidance to stakeholders on SOX best practices, control ownership, and process compliance.

Required Skills & Experience

• 5+ years of experience in IT Audit, GRC, or SOX Compliance, especially focused on SDLC, access management, and change control.
• Background in Big 4 consulting or similar IT audit firms with hands-on ITGC and application control experience.
• In-depth knowledge of SOX 404, control design, risk evaluation, and testing techniques.
• Proven experience embedding SOX controls in technology projects and enterprise system rollouts.
• Strong understanding of access controls, change management, IT operations, and development lifecycles.
• Experience with retail systems such as Oracle EBS, RMS, OMS, WMS, and their compliance implications.
• Familiarity with cloud platforms (AWS, Azure) and SaaS applications from a compliance lens.
• Skilled in using GRC platforms like ServiceNow, Jira, or Archer to manage workflows and documentation.
• Strong interpersonal and communication skills with the ability to influence across technical and non-technical teams.
• Able to manage multiple projects in a dynamic, global business environment.
• Professional certifications such as CISA, CPA, CISSP, or CIA are required.