Analyst, Digital Security

WM is an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law.

WM, a Fortune 250 company, is the leading provider of comprehensive waste and environmental services in North America. We are strongly committed to a foundation of operating excellence, professionalism and financial strength. WM serves nearly 25 million customers in residential, commercial, industrial and municipal markets throughout North America through a network of collection operations, transfer stations, landfills, recycling facilities and waste-based energy production projects. 

I. Job Summary 
Play a key role in supporting the development, implementation, and maintenance of governance, risk, and compliance frameworks across the IT landscape. The Digital/IT Compliance Analyst will report to the Digital/IT Compliance Manager and work closely with cross-functional teams to ensure IT operations align with both internal policies and external regulatory requirements, while proactively identifying risks and implementing mitigation strategies. Play a key role in supporting the development, implementation, and maintenance of governance, risk, and compliance frameworks across the IT landscape. The Digital/IT Compliance Analyst will report to the Digital/IT Compliance Manager and work closely with cross-functional teams to ensure IT operations align with both internal policies and external regulatory requirements, while proactively identifying risks and implementing mitigation strategies.

II. Duties and Responsibilities include the following: 
To perform this job successfully, an individual must be able to perform each duty satisfactorily. Other ancillary duties may be assigned. 

Engage Across the Business: Partner with IT and business teams to identify and centrally manage emerging and existing risks associated with IT application security, identity and access management, configuration and data governance and overall enterprise policy adherence Evolve Our Capabilities: Leverage leading practice GRC Compliance tools (such as OneTrust, Sailpoint, Oracle Risk Cloud, Monday.com, AuditBoard, and SAP GRC) to enable effective and sustainable risk prevention or risk mitigation compliance strategies Lead the business adoption and maintenance of GRC Compliance tools and analytics to monitor and report on compliance with IT security policies, regulatory requirements, and industry standards. Empower Our People: Provide training and awareness programs on IT security, risk management, and compliance topics for employees across the organization and build a culture of proactive compliance maturity.  Support internal and external audits by providing necessary documentation and evidence of compliance with relevant laws and regulations (e.g., SOX,  PCI DSS, ERCOT, PII, CCPA, EPA etc.). Enable Business Strategies: Stay up-to-date on changes in regulations, best practices, and emerging technologies that could impact the organization's IT governance and compliance posture.

 

 

III. Qualifications 

Must live and work in the U.S.

A. Education and Experience 

• Required: Bachelor's Degree in Computer Science, MIS, Business Administration or similar area of study. Three (3) years of previous experience required. An additional four (4) years of related experience may substitute for the Bachelor's degree.
• Preferred: Bachelor's Degree and at least three (3) years of experience in network, host, data and/or application security in multiple operating system environments.

B. Certificates, Licenses, Registrations or Other Requirements 

• None required.
• Preferred: Other professional certifications desired include: CISSP, CISA

C. Other Knowledge, Skills or Abilities Required

Experience in IT compliance with responsibilities involving interpretation of regulatory requirements (e.g. SOX,  PCI DSS, ERCOT, PII, CCPA, EPA etc.). and demonstrated success in translating them into actionable and sustainable compliance strategies. Familiarity with common IT governance and risk management frameworks (e.g., COBIT, NIST, ISO 27001/27002, ITIL). Big 4 Consulting Experience and Professional certifications (e.g., CISSP, CCSP, CISM, CISA, CPA, CRISC, CC ISO 27001 Lead Implementer) are a plus. Technical understanding of Oracle ERP systems, Processes, Configurations, & System Functionality Familiarity with Best Practice Oracle Application Security Role Design Concepts Experience with Segregation of Duties and Sensitive Access Rulesets, and ERP Configuration Change Management Controls and Policies Experience with Hands-On Compliance Tools such as OneTrust, Sailpoint, Oracle Risk Cloud, Monday.com, AuditBoard, and SAP GRC Competency in Analytical Tools or Languages such as PowerBI, Tableau, Alteryx and familiarity with Data Governance controls in backend database platforms such as Snowflake and S/4 HANA Knowledge of cloud environments and their associated risks (AWS, Azure, Google Cloud, etc.). Prioritizes accountability, ownership, and proactive communication Critical thinking and analytical skills with ability to both identify risks and propose solutions. Strong attention to detail, organizational skills, and ability to build/follow process flows and maps Ability to “build a coalition” and work collaboratively with cross-functional teams.

 

IV. Work Environment and Essential Functions 

Normal setting for this job is: office setting.

The expected base pay range for this position across the U.S. [or Canada as appropriate] is $88,515 - $129,800.  This range represents a good faith estimate for this position.  The specific salary offered to a successful candidate may be influenced by a variety of factors including the candidate’s relevant experience, education, training, certifications, qualifications, and work location. 

Benefits 
At WM, each eligible employee receives a competitive total compensation package including Medical, Dental, Vision, Life Insurance and Short Term Disability. As well as a Stock Purchase Plan, Company match on 401K, and more! Our employees also receive Paid Vacation, Holidays, and Personal Days. Please note that benefits may vary by site. 

If this sounds like the opportunity that you have been looking for, please click “Apply”. 

ABOUT WM WM (WM.com) is North America’s largest comprehensive waste management environmental solutions provider. Previously known as Waste Management and based in Houston, Texas, WM is driven by commitments to put people first and achieve success with integrity. The company, through its subsidiaries, provides collection, recycling and disposal services to millions of residential, commercial, industrial and municipal customers throughout the U.S. and Canada. With innovative infrastructure and capabilities in recycling, organics and renewable energy, WM provides environmental solutions to and collaborates with its customers in helping them achieve their sustainability goals. WM has the largest disposal network and collection fleet in North America, is the largest recycler of post-consumer materials and is the leader in beneficial reuse of landfill gas, with a growing network of renewable natural gas plants and the most gas-to-electricity plants in North America. WM’s fleet includes nearly 11,000 natural gas trucks – the largest heavy-duty natural gas truck fleet of its kind in North America – where more than half are fueled by renewable natural gas. To learn more about WM and the company’s sustainability progress and solutions, visit Sustainability.WM.com.