IT Compliance Analyst

Job Summary

The IT Compliance Analyst plays a pivotal role in ensuring the enterprise’s compliance with the Sarbanes-Oxley Act/Bill 198 regulations. This individual is responsible for testing, documenting, evaluating, remediating, and improving internal IT controls for effectiveness and operational efficiency. The IT Compliance Analyst will fulfill these duties by collaborating with internal and external audit teams, IT management, consultants, and other stakeholders to ensure compliance requirements are met. Strong knowledge of governance frameworks is essential for this position.

Education and Skills

Formal Education & Certification

•    Minimum Bachelor’s degree information technology and/or in accounting.
•    Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) designations preferred.

Knowledge & Experience

•    At least 2 years of internal audit experience or prior work experience with consulting/auditing firm.
•    Strong familiarity with governance and controls frameworks, such as COBIT, COSO, ITIL and privacy regulations.
•    Direct knowledge of and exposure to Sarbanes-Oxley Act/Bill 198 requirements in relation with ITGCs.
•    Solid experience in testing, evaluating, and documenting controls for compliance.
•    Solid understanding of assessing and designing IT controls in an enterprise-level environment.
•    Expertise with flowcharting software tools (e.g. Visio).
•    Strong project management skills.
•    PC skills and hands-on experience building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, and Access.

Responsibilities

Strategy & Planning

•    Review existing documentation of IT controls, policies, procedures, business processes, risk assessments and management reports for effectiveness and sustainability.
•    Develop plans to enhance IT controls and implement compliance measures to ensure adherence to regulations, standards, and frameworks, and to address any findings from audits or assessments.
•    Develop and deliver relevant training content to the divisional and corporate IT teams and other stakeholders.

Acquisition & Deployment

•    Support the selection, evaluation, acquisition, implementation and enhancement of GRC solutions, and tools (i.e. SOD monitoring automation) to be used by the IT governance and compliance team, auditors and other stakeholders.

Operational Management

•    Review, document, evaluate, and test manual and automated computer controls throughout the enterprise IT environment, including server, application, middleware, and client-side.
•    Develop and implement testing methodologies for application development, IT infrastructure, security, and availability.
•    Design and execute Sarbanes-Oxley Act/Bill 198 compliance tests of operating effectiveness for IT general controls (ITGCs); coordinate required remediation. 
•    Conduct risk assessments on operational IT processes, procedures, and policies.
•    Interpret audit results and make conclusions on the adequacy and reliability of controls; prepare and present reports as necessary.
•    Prioritize assessments and audit projects based on severity of risk and non-compliance.
•    Communicate control strengths and weaknesses to internal audit; collaborate with internal audit to develop mitigation plans.
•    Apply COBIT, COSO, ITIL, or ISO frameworks to all documentation and remediation efforts.
•    Design and perform reengineering of IT processes and procedures in need of remediation.
•    Conduct gap analysis via testing and recommend specific actions to fix gaps in processes and/or process management.
•    Design enhancement for internal controls such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity.
•    Assist the internal audit team in delivering requests from external auditors and consultants.
•    Liaise with external auditors to facilitate the auditing process.

About ATS

ATS Corporation is an industry-leading automation solutions and technology provider to many of the world's most successful companies. Using extensive knowledge and global capabilities in custom and repeat automation, automation products and value-added solutions including pre-automation and after-sales services, ATS businesses address the sophisticated manufacturing automation and service needs of multinational customers in markets such as life sciences, transportation, food & beverage, consumer products, and energy. With a dynamic culture that is bolstered by driven employees and the ATS Business Model (ABM), ATS companies are united by a shared purpose of creating solutions that positively impact lives around the world. Founded in 1978, ATS employs over 7,000 people at more than 65 manufacturing facilities and over 85 offices in North America, Europe, Southeast Asia and Oceania. The Company's common shares are traded on the Toronto Stock Exchange and the NYSE under the symbol ‘ATS’.