IT Risk and Compliance Analyst I
Remote - USA, United States
Republic Services
POSITION SUMMARY: As a member of the Cyber Security group, the IT Risk and Compliance Analyst I is responsible for supporting the organization’s IT risk management, third-party risk management, and compliance efforts. The IT Risk and Compliance Analyst will assist in identifying, assessing, and mitigating IT-related risks while ensuring compliance with relevant laws, regulations, and industry standards. This position will collaborate with IT and other business departments to evaluate IT controls in the context of PCI and NIST standards.
PRINCIPAL RESPONSIBILITIES:
Perform comprehensive enterprise-wide IT risk assessments and audits, collaborating cross-functionally to identify, prioritize, and mitigate cyber risks and compliance issues.
Develop, implement, and maintain robust IT security policies, procedures, and controls aligned with organizational objectives, industry frameworks (e.g., NIST 800-53), and regulatory requirements (e.g., PCI DSS).
Design and execute engaging security awareness training programs and campaigns to cultivate a security-minded culture.
Create and maintain documentation related to IT risk and compliance activities.
Continuously monitor and evaluate emerging IT risks, regulatory changes, and industry trends to proactively adapt security and compliance controls.
Conduct third-party cyber risk assessments, ensuring vendors and partners align with core cyber and compliance standards.
Establish and maintain a comprehensive risk register, identifying, assessing, and mitigating IT security risks to enhance organizational resilience.
Provide expert guidance to stakeholders on interpreting and implementing company standards and regulatory requirements.
Complete inbound VSQs, RFPs, and RFIs, ensuring comprehensive and timely responses.
Other non-essential duties as assigned or as may be necessary.
QUALIFICATIONS:
Comprehensive knowledge of industry standards, frameworks (e.g., NIST-CSF), and regulatory requirements (e.g., PCI DSS).
Experience with Governance, Risk, and Compliance (GRC) tools.
Demonstrated experience in policy and procedure development.
Demonstrated experience in conducting risk assessments, audits, and developing mitigation strategies.
Ability to stay current with evolving cybersecurity threats, industry trends, and regulatory changes, applying this knowledge to enhance organizational security posture.
Detail-oriented with strong organization, prioritization and time management skills.
Critical thinking, ability to analyze complex IT risk and compliance challenges.
Proven ability to work collaboratively in cross-functional teams and build strong relationships with various stakeholders across the organization.
Strong communication skills to effectively interact with internal and external partners at all levels to resolve issues and provide solutions.
Intermediate to advanced proficiency in Microsoft Office suite, including Word, Excel and PowerPoint.
Professional certifications such as CISA, CRISC, GCCC, GSEC, CGRC, or similar - preferred.
MINIMUM REQUIREMENTS:
3+ years of experience in IT risk management, compliance, information security, or similar roles.
Prior experience with NIST CSF, PCI DSS, or similar audits.
Rewarding Compensation and Benefits
Eligible employees can elect to participate in:
• Comprehensive medical benefits coverage, dental plans and vision coverage.
• Health care and dependent care spending accounts.
• Short- and long-term disability.
• Life insurance and accidental death & dismemberment insurance.
• Employee and Family Assistance Program (EAP).
• Employee discount programs.
• Retirement plan with a generous company match.
• Employee Stock Purchase Plan (ESPP).
The statements used herein are intended to describe the general nature and level of the work being performed by an employee in this position, and are not intended to be construed as an exhaustive list of responsibilities, duties and skills required by an incumbent so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of the Company.
EEO STATEMENT: Republic Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, protected veteran status, relationship or association with a protected veteran (spouses or other family members), genetic information, or any other characteristic protected by applicable law.
ABOUT THE COMPANY
Republic Services, Inc. (NYSE: RSG) is a leader in the environmental services industry. We provide customers with the most complete set of products and services, including recycling, waste, special waste, hazardous waste and field services. Our industry-leading commitments to advance circularity and support decarbonization are helping deliver on our vision to partner with customers to create a more sustainable world.
In 2023, Republic’s total company revenue was $14.9 billion, and adjusted EBITDA was $4.4 billion. We serve 13 million customers and operate more than 1,000 locations, including collection and transfer stations, recycling and polymer centers, treatment facilities, and landfills.
Although we operate across North America, the collection, recycling, treatment, or disposal of materials is a local business, and the dynamics and opportunities differ in each market we serve. By combining local operational management with standardized business practices, we drive greater operating efficiencies across the company while maintaining day-to-day operational decisions at the local level, closest to the customer.
Our customers, including small businesses, major corporations and municipalities, want a partner with the expertise and capabilities to effectively manage their multiple recycling and waste streams. They choose Republic Services because we are committed to exceeding their expectations and helping them achieve their sustainability goals. Our 41,000 team members understand that it's not just what we do that matters, but how we do it.
Our company values guide our daily actions:
- Safe: We protect the livelihoods of our colleagues and communities.
- Committed to Serve: We go above and beyond to exceed our customers’ expectations.
- Environmentally Responsible: We take action to improve our environment.
- Driven: We deliver results in the right way.
- Human-Centered: We respect the dignity and unique potential of every person.
We are proud of our high employee engagement score of 86. We have an inclusive and diverse culture where every voice counts. In addition, our team positively impacted 4.6 million people in 2023 through the Republic Services Charitable Foundation and local community grants. These projects are designed to meet the specific needs of the communities we serve, with a focus on building sustainable neighborhoods.
STRATEGY
Republic Services’ strategy is designed to generate profitable growth. Through acquisitions and industry advancements, we safely and sustainably manage our customers’ multiple waste streams through a North American footprint of vertically integrated assets.
We focus on three areas of growth to meet the increasing needs of our customers: recycling and waste, environmental solutions and sustainability innovation.
With our integrated approach, strengthening our position in one area advances other areas of our business. For example, as we grow volume in recycling and waste, we collect additional material to bolster our circularity capabilities. And as we expand environmental solutions, we drive additional opportunities to provide these services to our existing recycling and waste customers.
Recycling and Waste
We continue to expand our recycling and waste business footprint throughout North America through organic growth and targeted acquisitions. The 13 million customers we serve and our more than 5 million pick-ups per day provide us with a distinct advantage. We aggregate materials at scale, unlocking new opportunities for advanced recycling. In addition, we are cross-selling new products and services to better meet our customers’ specific needs.
Environmental Solutions
Our comprehensive environmental solutions capabilities help customers safely manage their most technical waste streams. We are expanding both our capabilities and our geographic footprint. We see strong growth opportunities for our offerings, including PFAS remediation, an increasing customer need.
Sustainability Innovation
Republic’s recent innovations to advance circularity and decarbonization demonstrate our unique ability to leverage sustainability as a platform for growth.
The Republic Services Polymer Center is the nation’s first integrated plastics recycling facility. This innovative site processes rigid plastics from our recycling centers, producing recycled materials that promote true bottle-to-bottle circularity. We also formed Blue Polymers, a joint venture with Ravago, to develop facilities that will further process plastic material from our Polymer Centers to help meet the growing demand for sustainable packaging. We are building a network of Polymer Centers and Blue Polymer facilities across North America.
We continue to advance decarbonization at our landfills. As demand for renewable energy continues to grow, we have 70 landfill gas-to-energy projects in operation and plan to expand our portfolio to 115 projects by 2028.
RECENT RECOGNITION
- Barron’s 100 Most Sustainable Companies
- CDP Discloser
- Dow Jones Sustainability Indices
- Ethisphere’s World’s Most Ethical Companies
- Fortune World’s Most Admired Companies
- Great Place to Work
- Sustainability Yearbook S&P Global