POSITION OVERVIEW
Fidelity National Financial (FNF) is seeking an IT Compliance Senior Analyst to join the IT Compliance team to work closely with IT management in the development, evaluation, and monitoring of the IT control environment. The IT Compliance Senior Analyst serves as a key member of the IT Compliance team with growing responsibilities, this person may be called upon to participate in any aspect of IT Compliance. This includes planning, coordination, development, execution, maintenance and reporting of the overall IT Control frameworks; Internal Controls/SOC2 compliance; information security; and other audit areas that may serve a combination of operational, financial and technological objectives. The person in this role must possess a strong working knowledge of IT risk and audit concepts, practices, and procedures while relying on experience in enterprise IT systems, project management, data analytics, and program level communications and reporting.
DUTIES & RESPONSIBILITIES
Responsibilities may include, but are not limited to the following:
- Support of the organization to achieve their IT compliance responsibilities.
- Coordinate and liaise with internal and external auditors, as an IT representative to ensure the lifecycle of each audit is thoroughly supported.
- Document new and existing IT processes and controls.
- Develop and execute testing approaches to evaluate the operating effectiveness of controls and maintain ongoing compliance through continuous monitoring.
- Act as a single point-of-contact between IT managers and auditors to review control evidence and close audit findings; including reviewing management control testing and documentation.
- Operate as IT Compliance administrator for the IT remediation work tracking system; the system used to track the status of remediation deliverables committed to audit teams.
- Work with IT managers to address audit findings by developing and implementing practical solutions towards remediation of the findings, including defining success criteria.
- Execute post-migration evaluations for application migrations to the cloud.
- Communicate effectively with IT leadership, present key observations and value-added insights through regular reporting
- Administrative support of the IT Compliance information, reporting, and workflow systems. Namely SharePoint on-prem and cloud systems.
- Identify and present new opportunities to streamline or innovate IT Compliance processes, reporting, or systems.
MINIMUM REQUIREMENTS
- Bachelor’s Degree (Preferred Fields of Study; Information Technology, Management Information Systems, Computer and Information Science, Finance & Technology, Business or related field)
- Requires 3+ years in an IT Compliance, IT Audit, or IT Risk role
- Understanding of IT policies, risks, processes, and controls
- Ability to identify key risks and controls, with a thorough understanding of security and control optimization for application security
- Experience in conducting security design workshops with IT stakeholders
- Demonstrates ability to manage relationships with IT management at varying levels
- Experience with assessing control frameworks NY DFS, NIST, CIS, NAIC, TSC, or similar
- Experience across IT ecosystems (Application Development, Infrastructure, Cloud)
- Familiar with SOX, SOC2 or Trust Services Principles.
- Proficiency in Microsoft Excel, Word, and PowerPoint
- Experience scheduling and preparing presentations and status reports
PREFERRED EXPERIENCE
- Experience with cloud platform technology
- Experience with ServiceNow and CMBD platform
- Experience with GRC solutions
- Familiarity with SharePoint development or administration
- Familiarity with assessing cloud architecture
- Microsoft Directory Services