Senior IT Compliance Analyst

Who we are...

Verra Mobility is a global leader in smart mobility. We develop technology-enabled solutions that help the world move safely and easily. We are fostering the development of safe cities, working with police departments and municipalities to install over 4,000 red-light, speed, and school bus stop arm safety cameras across North America. We are also creating smart roadways, serving the world's largest commercial fleets and rental car companies to manage tolling transactions and violations for over 8.5 million vehicles. And we are a leading provider of connected systems, processing nearly 165 million transactions each year across 50+ individual tolling authorities. 

Culture 

Verra Mobility Corporation is a rapidly-growing, entrepreneurial company that operates with a people-first philosophy and approach. The company lives by its core values—Do What’s Right, Lead with Grace, Win Together, and Own It—in everything it does for its customers and team members. The company seeks to grow aggressively, both organically and through acquisition, to continue to be the undisputed market leader with these five core competencies: bias for action, customer focus, teamwork, drive for results, and commitment to excellence.

Position Overview:

The primary responsibility of the Senior IT Compliance Analyst is to oversee and ensure the processes and associated controls for the compliance frameworks are designed, managed, and assessed for effectiveness to reduce overall compliance risk across the organization. This includes overseeing and performing continuous monitoring and driving audit actions to ensure adherence to the in-scope compliance frameworks. As part of their day to day, the Senior IT Compliance Analyst will liaise closely with Internal Audit leadership and key stakeholders to ensure full alignment on all IT regulatory compliance issues.

Essential Responsibilities:

• Audit & Compliance
• Establish a comprehensive understanding of the organization’s audit and compliance programs (i.e., SOX, PCI, ISO 27001, SOC 2, Cyber Essentials +, FedRAMP, etc.).
• Lead a team of compliance analysts and collaborate regularly with leadership.
• Serve as and/or oversee the:
• primary subject matter expert leading assigned audit program(s).
• backup support to other audit programs as assigned.
• This includes scoping the audit, scheduling activities, leading calls, coordinating and fulfilling document request lists, leading walkthroughs, and other audit tasks as appropriate.
• Ensure compliance reports are reviewed and ensure the team works collaboratively with control owners on audit remediation work.
• Policies & Procedures
• Lead and guide control owners in development and refinement of controls (i.e., policy requirements and/or ITGCs) for in-scope systems.
• Work collaboratively with internal and external auditors to ensure controls are consistent with expectations and leading practices.
• Assist control owners to identify any potential issues prior to formal audits.
• Documentation & Program Maintenance
• Efficiently manage tasks, prioritize responsibilities as well as resource planning for the team, and maintain order in a fast-paced environment.
• Perform and support the continuous monitoring of IT controls.
• Build reports and present metrics from monitoring and audit activities to senior leadership.
• Oversee general tasks including but not limited to i) Identify process improvement opportunities to mature and automate the compliance program and implement the change ii) RFI/RFP/contract responses iii) risk management assessments iv) vendor risk reviews v) ticket responses vi) project work.
• Partner with other business units to collaboratively streamline the enterprise-wide compliance program.

Qualifications:

• Required
• Bachelor’s degree in an appropriate field from an accredited university or 3-5 years equivalent experience.
• SOX & PCI working experience and/or certification(s).
• CIA, or CISA (Other relevant certifications will be considered)
• Experience performing audits, leading controls walkthroughs, interviewing stakeholders, gathering information, and identifying relevant information for documentation.
• Coachable and willing to learn.
• Ability to take initiative and drive results.
• Preferred
• ISO 27001 working experience and/or certification(s).
• Strong organizational and time management abilities with formal project management experience and/or certification(s).
• Ability to work collaboratively with diverse stakeholders.
• Experience working in AuditBoard.
• Proficiency in Microsoft Office (i.e., excel xlookup, Power BI report building).
• Desired
• SOC 2 & NIST working experience and/or certification(s).
• Experience working in a regulated industry.
• Experience with ERP systems (e.g., Oracle, SAP, NetSuite, Great Plains, etc.).