Posted on: 28/08/2025
Working type: Full-time, Remote.
Shift Timings: US Shift (Approx. 5:30 PM IST to 1:30 AM IST).
Summary:
This role focuses on identity and access management (IAM), user access reviews (UAR)/access certification, privileged access management (PAM), segregation of duties (SoD), and control testing to support SOX, SOC and other regulatory/compliance frameworks.
The ideal candidate has hands-on experience with Governance, Risk & Compliance (GRC) and access review tools (for example Pathlock, ServiceNow GRC, AuditBoard, Workiva), strong Excel skills for audit data analysis, and familiarity with cloud security concepts (OCI, AWS, Azure).
Key Responsibilities:
- Manage identity and access management (IAM) processes: onboard/offboard access requests, entitlement reviews, role-based access reviews, and remediation tracking with people managers and stakeholders.
- Configure, run and manage access review workflows using Pathlock (or equivalent GRC/PAM tools), including follow-up communications and escalation to people managers and executive management.
- Support internal and external audits (SOX, SOC, regulatory) by preparing documentation, providing evidence, demonstrating control operation, and responding to auditor inquiries.
- Perform control testing, collect and retain audit evidence, document findings, and track remediation items to closure in GRC or ticketing systems.
- Analyze and compile audit and access review results using advanced Excel (VLOOKUP, XLOOKUP, PivotTables, Power Query) and produce clear summaries and dashboards for management review.
- Collaborate with security, IT operations, cloud teams, and application owners to ensure alignment of controls, SoD rules, and IAM standards across on-premises and cloud environments.
- Contribute to continuous improvement of ITGC processes, automation of review workflows, and adoption of best practices aligned to NIST, ISO27001, and industry frameworks.
Qualifications:
- About 2+ years of experience in IT audit, IT security, risk management, or compliance-focused roles.
- Hands-on experience with GRC and access review tools such as Pathlock, ServiceNow GRC, AuditBoard, or Workiva is strongly preferred.
- Solid understanding of IT general controls (ITGC), identity and access management (IAM), privileged access management (PAM), and segregation of duties (SoD).
- Familiarity with cloud security concepts and platforms (Oracle Cloud/OCI, AWS, Azure) and how cloud IAM differs from on-premises IAM.
- Knowledge of relevant compliance frameworks and standards (SOX, SOC 1/SOC 2, NIST, ISO27001) and experience supporting audits against these frameworks.
- Advanced proficiency in Microsoft Excel (VLOOKUP, XLOOKUP, PivotTables, Power Query) and experience preparing audit evidence and executive-ready reports; familiarity with additional data analysis tools is a plus.
- Strong analytical skills, attention to detail, and a proactive approach to identifying and mitigating control gaps.
- Excellent communication skills (verbal and written) with the ability to interact with technical and business stakeholders and to present findings clearly to management.
- Ability to prioritize tasks, manage multiple concurrent activities, and work effectively in a fast-paced, remote environment following US shift hours.
Posted in
CyberSecurity
Functional Area
IT Security
Job Code
1536450